CVE-2023-54076

Summary

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix missed ses refcounting

Use new cifs_smb_ses_inc_refcount() helper to get an active reference of @ses and @ses->dfs_root_ses (if set). This will prevent @ses->dfs_root_ses of being put in the next call to cifs_put_smb_ses() and thus potentially causing an use-after-free bug.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8e3554150d6c80a84b3cb046615d1a0e943811dc < eb382196e6f6e05cfafdab797840e5a96c6e7bf0affected
LinuxLinux8e3554150d6c80a84b3cb046615d1a0e943811dc < bf99f6be2d20146942bce6f9e90a0ceef12cbc1eaffected
LinuxLinuxf30d226bcc9f0e2d97b4a6e94c43a28148fbeab6affected
LinuxLinuxc082c3be0f96e759ff2e361d929832fda0b93851affected
LinuxLinux6.2.15 < 6.3affected
LinuxLinux6.3.2 < 6.4affected
LinuxLinux6.4affected
LinuxLinux0 < 6.4unaffected
LinuxLinux6.4.7 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References