22 matches found
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed an issue related toracy under the cocurrent smb2 tree disconnect scenario. There is a UAF issue under the cocurrent smb2 tree disconnect scenario. This patch introduces TREECONNEXPIRE flags for tcon to avoid...
SUSE CVE-2026-23428
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of shareconf in compound request smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks tstate == TREECONNECTED on the initial lookup path, but...
CVE-2026-23428
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of shareconf in compound request smb2getksmbdtcon reuses work-tcon in compound requests without validating tcon-tstate. ksmbdtreeconnlookup checks tstate == TREECONNECTED on the initial lookup path, but...
UBUNTU-CVE-2025-68817
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...
CVE-2025-68817
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...
CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...
CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in ksmbdtreeconnectput under concurrency Under high concurrency, A tree-connection object tcon is freed on a disconnect path while another path still holds a reference and later executes put/write on it...
CVE-2025-68817
The CVE-2025-68817 entry concerns a Linux kernel ksmbd issue: a use-after-free in ksmbd_tree_connect_put under concurrent disconnect paths. Under high concurrency, a tcon (tree-connection object) can be freed on disconnect while another path still holds a reference and may later call *_put() or w...
PT-2026-2549
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the ksmbd module. Specifically, a use-after-free condition can occur in the ksmbd tree connect put function under conditions of high concurrency...
CVE-2023-54280
In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...
Linux Distros Unpatched Vulnerability : CVE-2023-54280
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd threa...
EUVD-2023-59968
Malicious code in bioql PyPI...
CVE-2023-53358
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...
CVE-2023-53358
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...
CVE-2023-53358 ksmbd: fix racy issue under cocurrent smb2 tree disconnect
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...
CVE-2023-53358 ksmbd: fix racy issue under cocurrent smb2 tree disconnect
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...
CVE-2023-53358
CVE-2023-53358 relates to the Linux kernel’s ksmbd component, where a race condition during concurrent smb2 tree disconnect led to a use-after-free (UAF). The issue is addressed by a patch that adds TREE_CONN_EXPIRE flags for tcon to prevent concurrent access. The connected documents confirm the ...
CVE-2023-53358
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...
DEBIAN-CVE-2024-56729
In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid-tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in cacheddirleasebreak and...
Tree connection null pointer dereference denial-of-service vulnerability
...