CVE-2023-3865 – KSMultiMediaBroadcaster Out-of-Bounds Read Vulnerability

CVE ID : CVE-2023-3865

Published : Aug. 16, 2025, 2:15 p.m. | 11 hours, 54 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix out-of-bound read in smb2_write

ksmbd_smb2_check_message doesn’t validate hdr->NextCommand. If
->NextCommand is bigger than Offset + Length of smb2 write, It will
allow oversized smb2 write length. It will cause OOB read in smb2_write.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2023-3866 – Samba ksmbd NULL Pointer Dereference

CVE ID : CVE-2023-3866

Published : Aug. 16, 2025, 2:15 p.m. | 11 hours, 54 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ksmbd: validate session id and tree id in the compound request

This patch validate session id and tree id in compound request.
If first operation in the compound is SMB2 ECHO request, ksmbd bypass
session and tree validation. So work->sess and work->tcon could be NULL.
If secound request in the compound access work->sess or tcon, It cause
NULL pointer dereferecing error.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2023-4130 – Kerberos SMBd Buffer Length Validation Overflow

CVE ID : CVE-2023-4130

Published : Aug. 16, 2025, 2:15 p.m. | 11 hours, 54 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()

There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request
from client. ksmbd find next smb2_ea_info using ->NextEntryOffset of
current smb2_ea_info. ksmbd need to validate buffer length Before
accessing the next ea. ksmbd should check buffer length using buf_len,
not next variable. next is the start offset of current ea that got from
previous ea.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2023-4515 – “KSMBD SMB2 Command Size Validation Vulnerability”

CVE ID : CVE-2023-4515

Published : Aug. 16, 2025, 2:15 p.m. | 11 hours, 54 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ksmbd: validate command request size

In commit 2b9b8f3b68ed (“ksmbd: validate command payload size”), except
for SMB2_OPLOCK_BREAK_HE command, the request size of other commands
is not checked, it’s not expected. Fix it by add check for request
size of other commands.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2023-32249 – Samba Linux kernel Guest User Access Multichannel Vulnerability

CVE ID : CVE-2023-32249

Published : Aug. 16, 2025, 2:15 p.m. | 11 hours, 54 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

ksmbd: not allow guest user on multichannel

This patch return STATUS_NOT_SUPPORTED if binding session is guest.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-9088 – Tenda AC20 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9088

Published : Aug. 16, 2025, 11:15 p.m. | 1 hour, 26 minutes ago

Description : A vulnerability was found in Tenda AC20 16.03.08.12. This vulnerability affects the function save_virtualser_data of the file /goform/formSetVirtualSer. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-9087 – Tenda AC20 Stack-Based Buffer Overflow

CVE ID : CVE-2025-9087

Published : Aug. 16, 2025, 11:15 p.m. | 2 hours, 54 minutes ago

Description : A vulnerability has been found in Tenda AC20 16.03.08.12. This affects the function set_qosMib_list of the file /goform/SetNetControlList of the component SetNetControlList Endpoint. The manipulation of the argument list leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-9089 – Tenda AC20 Stack-Based Buffer Overflow Vulnerability

CVE ID : CVE-2025-9089

Published : Aug. 17, 2025, 12:15 a.m. | 1 hour, 54 minutes ago

Description : A vulnerability was determined in Tenda AC20 16.03.08.12. This issue affects the function sub_48E628 of the file /goform/SetIpMacBind. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 9.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

godl – Godot version manager

godl is a version manager for Godot, written in QML/C++ with the Qt Quick libraries. The post godl – Godot…

Distribution Release: Grml 2025.08

The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. Grml is a bootable image based on Debian and designed for system administrators and users of text tools. The project has announced the launch of Grml 2025.08 which is based on Debian 13. “We are proud to announce our new stable release, version 2025.08, code-named ‘Oneinonein’. Grml 2025.08….

Distribution Release: Zephix 8

The DistroWatch news feed is brought to you by TUXEDO COMPUTERS. Robert Spiteri has announced a major new release of Zephix, a lightweight and fast Linux distribution, based on Debian’s “Stable” branch and built for simplicity and speed. This release marks a departure from the project’s modular approach with several popular desktop options; instead, Zephix 8 adopts the i3….

TinyDNS – tiny DNS server

TinyDNS is a tiny DNS server with simple JSON config written in C. The post TinyDNS – tiny DNS server…