CVE-2023-54280

Summary

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix potential race when tree connecting ipc

Protect access of TCP_Server_Info::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in __tree_connect_dfs_target(). Also, while at it, update status of IPC tcon on success and then avoid any extra tree connects.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxc88f7dcd6d6429197fc2fd87b54a894ffcd48e8e < 536ec71ba060a02fabe8e22cecb82fe7b3a8708baffected
LinuxLinuxc88f7dcd6d6429197fc2fd87b54a894ffcd48e8e < 553476df55a111e6a66ad9155256aec0ec1b7ad0affected
LinuxLinuxc88f7dcd6d6429197fc2fd87b54a894ffcd48e8e < ee20d7c6100752eaf2409d783f4f1449c29ea33daffected
LinuxLinux81d583baa5f1abd73c755ce1992929debd20b687affected
LinuxLinux5.15.81 < 5.16affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.2.15 <= 6.2.*unaffected
LinuxLinux6.3.2 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References