CVE-2023-53751

Summary

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname

TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential use-after-free bugs.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux93d5cb517db39e8af8d1292f9e785e4983b7f708 < 64d62ac6d6514cba1305bd08e271ec1843bdd612affected
LinuxLinux93d5cb517db39e8af8d1292f9e785e4983b7f708 < c511954bf142fe1995aec3c739a9f1a76990283aaffected
LinuxLinux93d5cb517db39e8af8d1292f9e785e4983b7f708 < 0b08c4c499200be67d54c439d56e5ea866869945affected
LinuxLinux93d5cb517db39e8af8d1292f9e785e4983b7f708 < 90c49fce1c43e1cc152695e20363ff5087897c09affected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux6.1.28 <= 6.1.*unaffected
LinuxLinux6.2.15 <= 6.2.*unaffected
LinuxLinux6.3.2 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References