Astra Linux - уязвимость в linux-5.15

A issue was discovered in ksmbd within the Linux kernel versions 5.15 through 5.19, prior to 5.19.2. The file fs/ksmbd/smb2pdu.c omits a kfree call in certain error conditions during the smb2handlenegotiate process, resulting in a memory leak...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013443 advisory. An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c omits a kfree call in certain smb2handlenegotiate error...

ROS-20260403-73-0041

A vulnerability in the fs/smb/server/smb2pdu.c component of the Linux kernel is related to mutual blocking of execution threads. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260324-73-0001

A vulnerability in the smb2sesssetup function in the fs/smb/server/smb2pdu.c module of the Linux kernel SMB server support is related to synchronization errors when using a shared resource. Exploitation of the vulnerability may allow a remote attacker to affect confidentiality, integrity and...

ROS-20260323-73-0030

A vulnerability in the smb2setea function of the fs/smb/server/smb2pdu.c module of the Linux kernel SMB server support is related to buffer copying without checking the size of the input data classic buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of...

ROS-20260120-73-0003

A vulnerability in the smb2lock function of the fs/smb/server/smb2pdu.c module of the Linux operating system kernel is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003789)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003789 advisory. An issue was discovered in the Linux kernel before 5.0.10. SMB2read in fs/cifs/smb2pdu.c has a use-after- free. NOTE: this was not fixed correctly in 5.0.10; see the...

ROS-20260112-7343

A vulnerability in the smb2pdu.c component of the Linux kernel is related to improper control of resource identifiers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

The vulnerability of the smb2_lock() function in the fs/smb/server/smb2pdu.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the smb2lock function in the fs/smb/server/smb2pdu.c module of the Linux operating system is related to improper locking of resources. Exploiting this vulnerability could allow an attacker to cause service failures...

The vulnerability of the smb2_lock() function in the fs/smb/server/smb2pdu.c module of the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the smb2lock function in the fs/smb/server/smb2pdu.c module of the Linux operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the SMB2_ioctl_init() function in the fs/cifs/smb2pdu.c module of the Linux operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the SMB2ioctlinit function in the fs/cifs/smb2pdu.c module of the Linux operating system is related to buffer overflow attacks. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer leading to an out-of-bounds read.

...

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.

...

The vulnerability of the session_user() function in the fs/ksmbd/smb2pdu.c file of the KSMBD file system in the Linux operating system allows a hacker to gain access to protected information or cause service failures.

The vulnerability of the sessionuser function in the fs/ksmbd/smb2pdu.c file of the KSMBD file system in the Linux operating system is related to reading data beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to gain access to protected information or cause servic...

The vulnerability of the deassemble_neg_contexts() function in the fs/smb/server/smb2pdu.c file of the KSMBD file system of the Linux operating system allows a attacker to access protected information or cause service failures.

The vulnerability of the deassemblenegcontexts function in the fs/smb/server/smb2pdu.c file of the KSMBD file system of the Linux operating system is related to reading data beyond the allocated buffer. Exploiting this vulnerability could allow an attacker, acting remotely, to gain access to...

SUSE CVE-2023-38428

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read...

Linux kernel smb2pdu.c file out-of-bounds read vulnerability (CNVD-2023-62929)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.8, which stems from a lack of input validation in deassemblenegcontexts in...

CVE-2023-38428

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read...

UBUNTU-CVE-2023-38428

An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read...

Linux kernel 缓冲区错误漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. An out-of-bounds read vulnerability exists in versions of Linux kernel prior to 6.3.4, which stems from fs/ksmbd/smb2pdu.c not properly checking the UserName value, and can be...