CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

Rockylinux•added 2026/06/12 6:1 p.m.•13 views

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

9.8CVSS6.5AI score0.00542EPSS

Exploits0

RedHat Linux•added 2026/06/10 10:0 p.m.•7 views

kernel: smb: client: fix OOB reads parsing symlink error response

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote, untrusted server could send a specially crafted symlink error response, leading to an out-of-bounds read vulnerability. This could result in the disclosure of sensitive information from the kernel's memory to a loca...

8.1CVSS6.7AI score0.00378EPSS

Exploits0References5

RedHat Linux•added 2026/06/10 8:9 p.m.•16 views

kernel: smb: client: fix OOB reads parsing symlink error response

8.1CVSS6.7AI score0.00378EPSS

Exploits0References5

RedHat Linux•added 2026/06/08 2:21 p.m.•9 views

kernel: smb: client: fix OOB reads parsing symlink error response

8.1CVSS5.4AI score0.00378EPSS

Exploits0References5

AlmaLinux•added 2026/06/08 12:0 a.m.•8 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix OOB reads parsing symlink error response CVE-2026-31613 kernel: Buffer overflow in drivers/xen/sys-hypervisor.c CVE-2026-31786 kernel: Linux kernel: smb: client: reject...

8.1CVSS6.6AI score0.00378EPSS

Exploits4References8

Tenable Nessus•added 2026/06/08 12:0 a.m.•4 views

RHEL 9 : kernel (RHSA-2026:24381)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24381 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: fix OOB reads...

8.1CVSS6.5AI score0.00378EPSS

Exploits4References8

OSV•added 2026/06/08 12:0 a.m.•3 views

ALSA-2026:24381 Important: kernel security update

8.1CVSS6.6AI score0.00378EPSS

Exploits4References8

RedHat Linux•added 2026/06/04 3:55 p.m.•7 views

kernel: smb: client: fix OOB reads parsing symlink error response

8.1CVSS5.8AI score0.00378EPSS

Exploits0References5

RedhatCVE•added 2026/05/28 5:15 p.m.•13 views

CVE-2026-46185

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability arises from insufficient length validation in the smb2checkmessage function when processing symlink error responses. A remote attacker could exploit this by sending a specially crafted symlink error respons...

9.1CVSS5.8AI score0.0052EPSS

Exploits0References4

NVD•added 2026/05/28 10:16 a.m.•11 views

CVE-2026-46185

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlinkdata Since smb2checkmessage returns success without length validation for the symlink error response, in symlinkdata it is possible for iov-iovlen to be smaller than sizeofstruct...

9.1CVSS0.0052EPSS

Exploits0References6

CVE•added 2026/05/28 9:36 a.m.•24 views

CVE-2026-46185

The CVE-2026-46185 issue affects the Linux kernel SMB client. The root cause is insufficient length validation in smb2_check_message() when processing symlink error responses, allowing a symlink_data() path to read beyond the buffer if iov_len is smaller than the 64-byte SMB2 header and accessing...

9.1CVSS5.7AI score0.0052EPSS

Exploits0References6Affected Software1

Positive Technologies•added 2026/05/28 12:0 a.m.•10 views

PT-2026-44308

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds read exists in the symlink data function. This occurs because smb2 check message returns success without validating the length for the symlink error response...

9.8CVSS6.1AI score0.01582EPSS

Exploits14References283

SUSE CVE•added 2026/04/25 1:38 a.m.•4 views

SUSE CVE-2026-31613

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

7.1CVSS5.5AI score0.00378EPSS

Exploits0References17

Tenable Nessus•added 2026/04/25 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-31613

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length...

8.1CVSS6.8AI score0.00378EPSS

Exploits0References4

NVD•added 2026/04/24 3:16 p.m.•2 views

CVE-2026-31613

8.1CVSS0.00378EPSS

Exploits0References7

ATTACKERKB•added 2026/04/24 2:42 p.m.•2 views

CVE-2026-31613

8.1CVSS5.4AI score0.00378EPSS

Exploits0References7Affected Software1

EUVD•added 2026/04/24 2:42 p.m.•2 views

EUVD-2026-25506

5.4AI score0.00378EPSS

Exploits0References3

CVE•added 2026/04/24 2:42 p.m.•23 views

CVE-2026-31613

The CVE-2026-31613 issue affects the Linux kernel SMB client. A crafted symlink error response from a remote SMB server can trigger an out-of-bounds read during symlink parsing, allowing UTF-16 data to be read via readlink(2). Root cause: smb2_check_message() accepts a CREATE status without valid...

8.1CVSS5.5AI score0.00378EPSS

Exploits0References7Affected Software1