CVE-2024-35999

Summary

In the Linux kernel, the following vulnerability has been resolved:

smb3: missing lock when picking channel

Coverity spotted a place where we should have been holding the channel lock when accessing the ses channel index.

Addresses-Coverity: 1582039 ("Data race condition (MISSING_LOCK)")

Affected Software

VendorProductVersion RangeStatus
LinuxLinux724244cdb3828522109c88e56a0242537aefabe9 < 98c7ed29cd754ae7475dc7cb3f33399fda902729affected
LinuxLinux724244cdb3828522109c88e56a0242537aefabe9 < 0fcf7e219448e937681216353c9a58abae6d3c2eaffected
LinuxLinux724244cdb3828522109c88e56a0242537aefabe9 < 60ab245292280905603bc0d3654f4cf8fceccb00affected
LinuxLinux724244cdb3828522109c88e56a0242537aefabe9 < 8094a600245e9b28eb36a13036f202ad67c1f887affected
LinuxLinux3d74c2c917e4006a3bd660d2fc7829cb2ef64113affected
LinuxLinux5.15.27 < 5.16affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.91 <= 6.1.*unaffected
LinuxLinux6.6.30 <= 6.6.*unaffected
LinuxLinux6.8.9 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References