371 matches found
CVE-2026-54784 CoreWCF: SPNEGO SecurityContextToken proof key wrapped without confidentiality
CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. In version 1.9.0, CoreWCF SPNEGO SecurityContextToken negotiation can expose the proof key recovered from the RSTR when TransportWithMessageCredential with Windows client credentials and session...
CVE-2026-54784 CoreWCF: SPNEGO SecurityContextToken proof key wrapped without confidentiality
CoreWCF is a port of the service side of Windows Communication Foundation WCF to .NET Core. In version 1.9.0, CoreWCF SPNEGO SecurityContextToken negotiation can expose the proof key recovered from the RSTR when TransportWithMessageCredential with Windows client credentials and session...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.28 bug fix and security update
Red Hat OpenShift Container Platform release 4.20.28 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...
RLSA-2026:32990 Important: cifs-utils security update
The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for mounting shares on Linux using the SMB/CIFS protocol. The tools in this package work in conjunction with support in the kernel to allow one to mount a...
cifs-utils security update
An update is available for cifs-utils. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The SMB/CIFS protocol is a standard file sharing protocol widely deployed...
RHEL 10 : cifs-utils (RHSA-2026:32990)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:32990 advisory. The SMB/CIFS protocol is a standard file sharing protocol widely deployed on Microsoft Windows machines. The cifs-utils packages contain tools for...
Cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall
...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: smb: client: Rejects descriptions of keys of type cifs.spnego from the user space. Keys of type cifs.spnego contain fields that carry authority information, such as pid, uid, creduid, and upcalltarget. The cifs.upcall function...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.10 Extra. Visit this page to learn more about Amazon...
Amazon Linux 2 : kernel, --advisory ALAS2-2026-3374 (ALAS-2026-3374)
The version of kernel installed on the remote host is prior to 4.14.355-282.731. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3374 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-105 (ALASKERNEL-5.15-2026-105)
The version of kernel installed on the remote host is prior to 5.15.206-144.236. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.15-2026-105 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-122 (ALASKERNEL-5.10-2026-122)
The version of kernel installed on the remote host is prior to 5.10.255-253.1013. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.10-2026-122 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego...
RHEL 10 : kernel (RHSA-2026:25908)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25908 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
RLSA-2026:23259 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 For more details about the security issues,...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786 kernel: Linux kernel: smb: client: reject...
RHEL 10 : kernel (RHSA-2026:23395)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23395 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: CVE-2026-46243 kernel: Linux kernel: smb:...
RHEL 8 : kernel (RHSA-2026:23258)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:23258 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: smb: client: reject...