CVE-2024-50086

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix user-after-free from session log off

There is racy issue between smb2 session log off and smb2 session setup. It will cause user-after-free from session log off. This add session_lock when setting SMB2_SESSION_EXPIRED and referece count to session struct not to free session while it is being used.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 0f62358ce85b2d4c949ef1b648be01b29cec667aaffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < a9839c37fd813b432988f58a9d9dd59253d3eb2caffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 5511999e9615e4318e9142d23b29bd1597befc08affected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < ee371898b53a9b9b51c02d22a8c31bfb86d45f0daffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 7aa8804c0b67b3cb263a472d17f2cb50d7f1a930affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.171 <= 5.15.*unaffected
LinuxLinux6.1.114 <= 6.1.*unaffected
LinuxLinux6.6.58 <= 6.6.*unaffected
LinuxLinux6.11.5 <= 6.11.*unaffected
LinuxLinux6.12 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References