28 matches found
ROS-20260403-73-0002
A vulnerability in the smb2sesssetup function of the fs/smb/server/smb2pdu.c module of the ksmbd component of the Linux operating system kernel is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...
SUSE CVE-2025-40285
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2sesssetup Reference count of ksmbdsession will leak when session need reconnect. Fix this by adding the missing ksmbdusersessionput...
CVE-2025-40285
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2sesssetup Reference count of ksmbdsession will leak when session need reconnect. Fix this by adding the missing ksmbdusersessionput...
CVE-2025-40285
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2sesssetup Reference count of ksmbdsession will leak when session need reconnect. Fix this by adding the missing ksmbdusersessionput...
CVE-2025-40285 smb/server: fix possible refcount leak in smb2_sess_setup()
In the Linux kernel, the following vulnerability has been resolved: smb/server: fix possible refcount leak in smb2sesssetup Reference count of ksmbdsession will leak when session need reconnect. Fix this by adding the missing ksmbdusersessionput...
VulnCheck KEV: CVE-2025-37899
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in session logoff The sess-user object can currently be in use by another thread, for example if another connection has sent a session setup request to bind to the session being free'd. The handler for...
EUVD-2024-45139
Malicious code in bioql PyPI...
CVE-2023-3867 ksmbd: fix out of bounds read in smb2_sess_setup
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2sesssetup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first...
Linux Distros Unpatched Vulnerability : CVE-2025-37778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: Fix dangling pointer in krbauthenticate krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to...
CVE-2025-37778
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix dangling pointer in krbauthenticate krbauthenticate frees sess-user and does not set the pointer to NULL. It calls ksmbdkrb5authenticate to reinitialise sess-user but that function may return without doing so. If that...
PT-2025-18459
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A dangling pointer issue in the krb authenticate function has been identified. The krb authenticate function frees sess-user but does not set the pointer to NULL. It then calls ksmbd krb...
Linux Distros Unpatched Vulnerability : CVE-2024-50086
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log...
ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create
...
CVE-2024-50086
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-50086
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
UBUNTU-CVE-2024-50086
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-50086 ksmbd: fix user-after-free from session log off
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
CVE-2024-50086
Summary of findings (CVE-2024-50086): In the Linux kernel, the ksmbd component had a race between SMB2 session log off and SMB2 session setup that could lead to a user-after-free. The patch introduces a session_lock when SMB2_SESSION_EXPIRED is set and makes the session’s reference count apply to...
CVE-2024-50086 ksmbd: fix user-after-free from session log off
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add sessionlock when setting SMB2SESSIONEXPIRED and...
SUSE CVE-2023-3867
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out of bounds read in smb2sesssetup ksmbd does not consider the case of that smb2 session setup is in compound request. If this is the second payload of the compound, OOB read issue occurs while processing the first...