Astra Linux - уязвимость в linux-5.15

A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c omits a kfree call in certain error conditions during the smb2handlenegotiate process, resulting in a memory leak...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013443 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error...

ROS-20260403-73-0041

A vulnerability in the fs/smb/server/smb2pdu.c component of the Linux kernel is related to mutual blocking of execution threads. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260324-73-0001

A vulnerability in the smb2sesssetup function in the fs/smb/server/smb2pdu.c module of the Linux kernel SMB server support is related to synchronization errors when using a shared resource. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity and...

ROS-20260323-73-0030

A vulnerability in the smb2setea function of the fs/smb/server/smb2pdu.c module of the Linux kernel SMB server support is related to buffer copying without checking the size of the input data classic buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of...

ROS-20260120-73-0003

A vulnerability in the smb2lock function of the fs/smb/server/smb2pdu.c module of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003789)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003789 advisory. An issue was discovered in the Linux kernel before 5.0.10. SMB2read in fs/cifs/smb2pdu.c has a use-after- free. NOTE: this was not fixed correctly in 5.0.10; see the...

ROS-20260112-7343

A vulnerability in the smb2pdu.c component of the Linux kernel is related to improper control of resource identifiers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.

...

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer leading to an out-of-bounds read.

...

SUSE CVE-2023-38428

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read...

Linux kernel smb2pdu.c file out-of-bounds read vulnerability (CNVD-2023-62929)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.8, which stems from a lack of input validation in deassemblenegcontexts in...

CVE-2023-38428

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read...

UBUNTU-CVE-2023-38428

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.4, which stems from fs/ksmbd/smb2pdu.c not properly checking the UserName value, and can be...

Linux kernel 数字错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.8, which stems from a lack of input validation in deassemblenegcontexts in...

SUSE CVE-2019-15920

An issue was discovered in the Linux kernel before 5.0.10. SMB2read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak...

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT.

...

DEBIAN-CVE-2022-47940

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2write...

UBUNTU-CVE-2022-47941

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error conditions, aka a memory leak...