6 matches found
CVE-2025-37750
CVE-2025-37750: Linux kernel SMB client UAF in decryption with multichannel resolved. After commits f7025d861694 and b0abcd65ec54, multiple cifsd threads could access the AEAD crypto context simultaneously, causing a use-after-free during decryption. The issue triggered KASAN reports (gf128mul_4k...
CVE-2025-38488
CVE-2025-38488 affects the Linux kernel SMB client path (crypt_message) where async crypto could lead to use-after-free when hardware accelerators return -EINPROGRESS. The issue arose after CVE-2024-50047 fixed async handling for all operations but hardware offload could still complete asynchrono...
CVE-2026-46124
CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...
CVE-2026-46046
The CVE reports a refcount leak in ext4_xattr_inode_dec_ref_all() due to not releasing iloc with brelse() after ext4_get_inode_loc(), fixed by commit c8e008b6. OSV entries show patches in Root:Ubuntu 22.04/24.04, Debian, Debian-based RootIO builds, and openSUSE kernel-devel 7.0.11-1.1 for GA medi...
CVE-2026-23088
CVE-2026-23088 affects the Linux kernel tracing subsystem. The issue arises when a synthetic event reuses an existing synthetic event’s stacktrace field, leading to a kernel crash (crash/NULL pointer dereference) when enabling linked synthetic events. The root cause is how the stacktrace field is...
CVE-2026-23146
Technical details for CVE-2026-23146 are not provided in the supplied connected documents; the materials only reference the vulnerability as part of Ubuntu/Mageia/Oracle advisories. Monitor for updates.