CVE-2024-50086

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix user-after-free from session log off There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add session_lock when setting SMB2_SESSION_EXPIRED and referece count to session struct not to free session while it is being used.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*

History

08 Nov 2024, 16:15

Type Values Removed Values Added
References
  • () https://git.kernel.org/stable/c/0f62358ce85b2d4c949ef1b648be01b29cec667a -

30 Oct 2024, 14:46

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/5511999e9615e4318e9142d23b29bd1597befc08 - () https://git.kernel.org/stable/c/5511999e9615e4318e9142d23b29bd1597befc08 - Patch
References () https://git.kernel.org/stable/c/7aa8804c0b67b3cb263a472d17f2cb50d7f1a930 - () https://git.kernel.org/stable/c/7aa8804c0b67b3cb263a472d17f2cb50d7f1a930 - Patch
References () https://git.kernel.org/stable/c/a9839c37fd813b432988f58a9d9dd59253d3eb2c - () https://git.kernel.org/stable/c/a9839c37fd813b432988f58a9d9dd59253d3eb2c - Patch
References () https://git.kernel.org/stable/c/ee371898b53a9b9b51c02d22a8c31bfb86d45f0d - () https://git.kernel.org/stable/c/ee371898b53a9b9b51c02d22a8c31bfb86d45f0d - Patch
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.0
First Time Linux linux Kernel
Linux
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.12:rc1:*:*:*:*:*:*
CWE CWE-416

29 Oct 2024, 14:34

Type Values Removed Values Added
Summary
  • (es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ksmbd: se corrige el problema de user-after-free del cierre de sesión. Hay un problema de velocidad entre el cierre de sesión de smb2 y la configuración de la sesión de smb2. Esto provocará que el user-after-free cierre la sesión. Esto agrega session_lock al configurar SMB2_SESSION_EXPIRED y hace referencia a count en la estructura de sesión para no liberar la sesión mientras se está utilizando.

29 Oct 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-29 01:15

Updated : 2024-11-08 16:15


NVD link : CVE-2024-50086

Mitre link : CVE-2024-50086

CVE.ORG link : CVE-2024-50086


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free