Lucene search
K
LinuxLinux Kernel6.6.32

14 matches found

CVE
CVE
added 2024/11/07 9:31 a.m.157 views

CVE-2024-50152

CVE-2024-50152 corresponds to a Linux kernel SMB client double-free in smb2_set_ea(), addressed by fixes that reinitialize the local variable ea to NULL to prevent a second free after a failure path. The MiracleLinux AXSA-2025-10392 advisory explicitly notes a fix for this exact issue (CVE-2024-5...

5.5CVSS5.7AI score0.00215EPSS
CVE
CVE
added 2024/09/18 7:11 a.m.117 views

CVE-2024-46736

CVE-2024-46736 relates to the Linux kernel SMB (CIFS) client path smb2_rename_path handling. The issue arises when smb2_set_path_attr() is called with a valid cfile and returns -EINVAL; the reference to @cfile is dropped by a prior smb2_compound_op(), which can lead to a double put of @cfile. The...

7.8CVSS6.5AI score0.00244EPSS
CVE
CVE
added 2024/09/18 7:12 a.m.101 views

CVE-2024-46796

CVE-2024-46796 (Linux kernel CIFS SMB2 client) : The vulnerability is due to a double put of @cfile in smb2_set_path_size() when smb2_compound_op() returns -EINVAL, causing a use-after-free in a Kasan trace during CIFS detach. The fix calls cifs_get_writable_path() before retrying, preventing the...

7.8CVSS7.1AI score0.00208EPSS
CVE
CVE
added 2024/06/08 12:52 p.m.94 views

CVE-2024-36965

Technical details for CVE-2024-36965 are not publicly provided in the supplied documents. Please monitor official advisories and connected feeds for affected products, versions, impact, and fixes.

5.5CVSS7.2AI score0.00212EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.59 views

CVE-2026-46155

CVE-2026-46155 affects the Linux kernel SMB client. The vulnerability is an out-of-bounds read in smb2_compound_op() caused by memcpy reading size[0] (OutputBufferLength) when iov_len is smaller than that length after a truncated server response. This can leak adjacent kernel heap memory. Impact ...

9.1CVSS5.8AI score0.00478EPSS
CVE
CVE
added 2026/05/01 1:56 p.m.39 views

CVE-2026-31717

In the Linux kernel ksmbd, a vulnerability allows an authenticated user to hijack an orphaned durable handle by reconnecting with a different security context. The issue stems from ksmbd not verifying that the requester’s SecurityContext matches the original opener when a durable handle is reconn...

8.8CVSS5.8AI score0.00437EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.28 views

CVE-2025-71223

CVE-2025-71223 affects the Linux kernel's ksmbd SMB server path (smb2_open and ksmbd_vfs_getattr). The issue is a refcount leak when ksmbd_vfs_getattr() fails, potentially causing resource leakage and local impact. A kernel update fixing the refcount leak is provided by the referenced advisories ...

5.5CVSS5.2AI score0.00122EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.28 views

CVE-2026-43379

CVE-2026-43379 affects ksmbd (Linux kernel) with a use-after-free in smb_lazy_parent_lease_break_close. The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is accessed after rcu_read_unlock(), creating a race where the memory could be freed by a concurrent writer before subsequent de...

9.8CVSS5.7AI score0.00444EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.22 views

CVE-2026-23427

Summary: CVE-2026-23427 affects ksmbd in the Linux kernel and has been fixed to address a use-after-free in durable v2 replay of active SMB file handles. The root cause is that parse_durable_handle_context() unconditionally assigns dh_info->fp->conn to the current connection when handling D...

9.8CVSS5.8AI score0.0029EPSS
CVE
CVE
added 2026/05/01 1:56 p.m.21 views

CVE-2026-31718

The CVE-2026-31718 entries describe a use-after-free in ksmbd (Linux kernel in-kernel SMB3 server) triggered when a durable file handle survives a session disconnect. The root cause is an asymmetric cleanup of lock state: byte-range locks left on a freed conn->lock_list after fp->conn is nu...

9.8CVSS5.7AI score0.00356EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.20 views

CVE-2026-31614

MODE C: CVE-2026-31614 is a kernel SMB client vulnerability (Linux kernel). The issue is an out-of-bounds read in check_wsl_eas() that can leak up to 8 bytes of kernel heap via the EA name/value handling, potentially affecting how WSL ext attributes are interpreted. Patches have been released/mer...

7.1CVSS5.4AI score0.00126EPSS
CVE
CVE
added 2026/04/30 11:47 a.m.17 views

CVE-2026-31693

CVE-2026-31693 affects the Linux kernel CIFS implementation. The issue arises when replaying a request: certain local variables were not reinitialized after a replay label, which can cause unpredictable behavior and potentially denial of service or instability. The vulnerability is limited to the...

7.8CVSS5.6AI score0.00129EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.14 views

CVE-2025-71204

CVE-2025-71204 concerns the Linux kernel SMB server (ksmbd) due to a refcount leak in parse_durable_handle_context. The issue occurs when a replay operation returns -ENOEXE C and the file ksmbd_file refcount is not released, as described in the initial document. The provided connected documents d...

5.5CVSS5.3AI score0.00122EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.9 views

CVE-2026-53271

CVE-2026-53271 affects the Linux kernel ksmbd component. The vulnerability is a NULL-deref in oplock/lease break notifiers: smb2_oplock_break_noti() and smb2_lease_break_noti() read opinfo->conn into a local buffer without READ_ONCE and without a NULL check. After opinfo_get_list() drops ci-&g...

5.5CVSS5.7AI score0.00164EPSS