exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 7

BDU:2025-09626

2 месяца назад

Уязвимость функции ksmbd_krb5_authenticate() компонента ksmbd ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 5.5

EPSS: Низкий

CVE-2025-38191

около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroy_previous_session If client set ->PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess->user is not set yet, It can pass the user argument as NULL to destroy_previous_session. sess->user will be set in ksmbd_krb5_authenticate(). So this patch move calling destroy_previous_session() after ksmbd_krb5_authenticate().

EPSS: Низкий

CVE-2025-38191

около 2 месяцев назад

CVSS3: 5.5

EPSS: Низкий

CVE-2025-38191

около 2 месяцев назад

EPSS: Низкий

CVE-2025-38191

14 дней назад

EPSS: Низкий

CVE-2025-38191

около 2 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: k ...

EPSS: Низкий

GHSA-f39x-mp5j-46f3

около 2 месяцев назад

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2025-09626 Уязвимость функции ksmbd_krb5_authenticate() компонента ksmbd ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 5.5	0% Низкий	2 месяца назад
CVE-2025-38191 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroy_previous_session If client set ->PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess->user is not set yet, It can pass the user argument as NULL to destroy_previous_session. sess->user will be set in ksmbd_krb5_authenticate(). So this patch move calling destroy_previous_session() after ksmbd_krb5_authenticate().		0% Низкий	около 2 месяцев назад
CVE-2025-38191 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroy_previous_session If client set ->PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess->user is not set yet, It can pass the user argument as NULL to destroy_previous_session. sess->user will be set in ksmbd_krb5_authenticate(). So this patch move calling destroy_previous_session() after ksmbd_krb5_authenticate().	CVSS3: 5.5	0% Низкий	около 2 месяцев назад
CVE-2025-38191 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroy_previous_session If client set ->PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess->user is not set yet, It can pass the user argument as NULL to destroy_previous_session. sess->user will be set in ksmbd_krb5_authenticate(). So this patch move calling destroy_previous_session() after ksmbd_krb5_authenticate().		0% Низкий	около 2 месяцев назад
CVE-2025-38191		0% Низкий	14 дней назад
CVE-2025-38191 In the Linux kernel, the following vulnerability has been resolved: k ...		0% Низкий	около 2 месяцев назад
GHSA-f39x-mp5j-46f3 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix null pointer dereference in destroy_previous_session If client set ->PreviousSessionId on kerberos session setup stage, NULL pointer dereference error will happen. Since sess->user is not set yet, It can pass the user argument as NULL to destroy_previous_session. sess->user will be set in ksmbd_krb5_authenticate(). So this patch move calling destroy_previous_session() after ksmbd_krb5_authenticate().		0% Низкий	около 2 месяцев назад

Уязвимостей на страницу