CVE-2023-54260

Summary

In the Linux kernel, the following vulnerability has been resolved:

cifs: Fix lost destroy smbd connection when MR allocate failed

If the MR allocate failed, the smb direct connection info is NULL, then smbd_destroy() will directly return, then the connection info will be leaked.

Let's set the smb direct connection info to the server before call smbd_destroy().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc7398583340a6d82b8bb7f7f21edcde27dc6a898 < d303e25887127364a6765eaf7ac68aa2bac518a9affected
LinuxLinuxc7398583340a6d82b8bb7f7f21edcde27dc6a898 < 324c0c34fff1affd436e509325cb46739209704eaffected
LinuxLinuxc7398583340a6d82b8bb7f7f21edcde27dc6a898 < caac205e0d5b44c4c23a10c6c0976d50ebe16ac2affected
LinuxLinuxc7398583340a6d82b8bb7f7f21edcde27dc6a898 < 46cd6c639cddba2bd2d810ceb16bb20374ad75b0affected
LinuxLinuxc7398583340a6d82b8bb7f7f21edcde27dc6a898 < c51ae01104b318bf15f3c5097faba5c72addba7aaffected
LinuxLinuxc7398583340a6d82b8bb7f7f21edcde27dc6a898 < 04b7e13b8a13264282f874db5378fc3d3253cfacaffected
LinuxLinuxc7398583340a6d82b8bb7f7f21edcde27dc6a898 < e9d3401d95d62a9531082cd2453ed42f2740e3fdaffected
LinuxLinux4.16affected
LinuxLinux0 < 4.16unaffected
LinuxLinux4.19.276 <= 4.19.*unaffected
LinuxLinux5.4.235 <= 5.4.*unaffected
LinuxLinux5.10.173 <= 5.10.*unaffected
LinuxLinux5.15.99 <= 5.15.*unaffected
LinuxLinux6.1.16 <= 6.1.*unaffected
LinuxLinux6.2.3 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References