CVE-2024-58087

Summary

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix racy issue from session lookup and expire

Increment the session reference count within the lock for lookup to avoid racy issue with session expire.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 2107ab40629aeabbec369cf34b8cf0f288c3eb1baffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 37a0e2b362b3150317fb6e2139de67b1e29ae5ffaffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < 450a844c045ff0895d41b05a1cbe8febd1acfcfdaffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < a39e31e22a535d47b14656a7d6a893c7f6cf758caffected
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf < b95629435b84b9ecc0c765995204a4d8a913ed52affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux5.15.176 <= 5.15.*unaffected
LinuxLinux6.1.121 <= 6.1.*unaffected
LinuxLinux6.6.67 <= 6.6.*unaffected
LinuxLinux6.12.6 <= 6.12.*unaffected
LinuxLinux6.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References