Lucene search
K

4 matches found

OSV
OSV
added 2026/01/23 3:16 p.m.3 views

UBUNTU-CVE-2025-71151

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References27
RedHat Linux
RedHat Linux
added 2025/05/13 8:28 a.m.5 views

kernel: smb: client: Handle kstrdup failures for passwords

In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3reconfigure, after duplicating ctx-password and ctx-password2 with kstrdup, we need to check for allocation failures. If ses-password allocation fails, return -ENOMEM. If...

5.5CVSS6.8AI score0.00214EPSS
Exploits0References5
OSV
OSV
added 2024/11/05 6:15 p.m.2 views

UBUNTU-CVE-2024-50120

In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3reconfigure, after duplicating ctx-password and ctx-password2 with kstrdup, we need to check for allocation failures. If ses-password allocation fails, return -ENOMEM. If...

5.5CVSS6.6AI score0.00214EPSS
Exploits0References18
CVE
CVE
added 2024/11/05 5:10 p.m.153 views

CVE-2024-50120

CVE-2024-50120 affects the Linux kernel SMB client. The vulnerability stems from missing checks for kstrdup failures when duplicating passwords in smb3_reconfigure(), leading to ses->password or ses->password2 allocation failures. The documented remediation is to return -ENOMEM if ses->p...

5.5CVSS5.3AI score0.00214EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder