In the Linux kernel, the following vulnerability has been resolved:
smb: client: reject userspace cifs.spnego descriptions
cifs.spnego key descriptions contain authority-bearing fields such as
pid,
A flaw was found in the cifs-utils package where the cifs.upcall helper fails to securely drop its root privileges before looking up user information inside a user-controlled environment. A local, low
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix missed ses refcounting
Use new cifs_smb_ses_inc_refcount() helper to get an active reference
of @ses and @ses->df
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix warning in cifs_smb3_do_mount()
This fixes the following warning reported by kernel test robot
fs/smb/client/c
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix small mempool leak in SMB2_negotiate()
In some cases of failure (dialect mismatches) in SMB2_negotiate(), after
the requ
In the Linux kernel, the following vulnerability has been resolved:
cifs: prevent bad output lengths in smb2_ioctl_query_info()
When calling smb2_ioctl_query_info() with
smb_query_info::flags=PASSTH
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Don't log plaintext credentials in cifs_set_cifscreds
When debug logging is enabled, cifs_set_cifscreds() logs the ke
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix session state check in reconnect to avoid use-after-free issue
Don't collect exiting session in smb2_reconnect_server(),
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix oops due to uncleared server->smbd_conn in reconnect
In smbd_destroy(), clear the server->smbd_conn pointer after freein
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix memory leak when build ntlmssp negotiate blob failed
There is a memory leak when mount cifs:
unreferenced object 0xfff
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Fix refcount leak for cifs_sb_tlink
Fix three refcount inconsistency issues related to `cifs_sb_tlink`.
Comments for
Input validation bypass in SMB volume mount handling in CloudFoundry Foundation diego-release allows low-privileged CF space developer to inject arbitrary kernel CIFS mount options via bypassing the m
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix memory leak in smb3_fs_context_parse_param error path
Add proper cleanup of ctx->source and fc->source to the
cifs_parse
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix memory leak in cifs_construct_tcon()
When having a multiuser mount with domain= specified and using
cifscreds, ci
In the Linux kernel, the following vulnerability has been resolved:
cifs: parse_dfs_referrals: prevent oob on malformed input
Malicious SMB server can send invalid reply to FSCTL_DFS_GET_REFERRALS
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Fix use-after-free of network namespace.
Recently, we got a customer report that CIFS triggers oops while
reconnectin
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix use-after-free of signing key
Customers have reported use-after-free in @ses->auth_key.response with
SMB2.1 + sig
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix potential memory leaks in session setup
Make sure to free cifs_ses::auth_key.response before allocating it as
we might e
In the Linux kernel, the following vulnerability has been resolved:
cifs: Fix the smbd_response slab to allow usercopy
The handling of received data in the smbdirect client code involves using
copy_
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix warning when destroy 'cifs_io_request_pool'
There's a issue as follows:
WARNING: CPU: 1 PID: 27826 at mm/slub.c:4698 fre
Page 1+ Next →