CVE-2024-46742
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) and parse_lease_state() return NULL.
Fix this by check if 'lease_ctx_info' is NULL.
Additionally, remove the redundant parentheses in parse_durable_handle_context().
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 878f32878351104448b86ef5b85d1f8ed6f599fb | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < ec28c35029b7930f31117f9284874b63bea4f31b | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 07f384c5be1f8633b13f0a22616e227570450bc6 | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 3b692794b81f2ecad69a4adbba687f3836824ada | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 4e8771a3666c8f216eefd6bd2fd50121c6c437db | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 5.15.181 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.135 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.51 <= 6.6.* | unaffected |
| Linux | Linux | 6.10.10 <= 6.10.* | unaffected |
| Linux | Linux | 6.11 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
- https://git.kernel.org/stable/c/878f32878351104448b86ef5b85d1f8ed6f599fb
- https://git.kernel.org/stable/c/ec28c35029b7930f31117f9284874b63bea4f31b
- https://git.kernel.org/stable/c/07f384c5be1f8633b13f0a22616e227570450bc6
- https://git.kernel.org/stable/c/3b692794b81f2ecad69a4adbba687f3836824ada
- https://git.kernel.org/stable/c/4e8771a3666c8f216eefd6bd2fd50121c6c437db
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.