CVE-2024-58087
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix racy issue from session lookup and expire
Increment the session reference count within the lock for lookup to avoid racy issue with session expire.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 2107ab40629aeabbec369cf34b8cf0f288c3eb1b | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 37a0e2b362b3150317fb6e2139de67b1e29ae5ff | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < 450a844c045ff0895d41b05a1cbe8febd1acfcfd | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < a39e31e22a535d47b14656a7d6a893c7f6cf758c | affected |
| Linux | Linux | 0626e6641f6b467447c81dd7678a69c66f7746cf < b95629435b84b9ecc0c765995204a4d8a913ed52 | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 5.15.176 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.121 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.67 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.6 <= 6.12.* | unaffected |
| Linux | Linux | 6.13 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://git.kernel.org/stable/c/2107ab40629aeabbec369cf34b8cf0f288c3eb1b
- https://git.kernel.org/stable/c/37a0e2b362b3150317fb6e2139de67b1e29ae5ff
- https://git.kernel.org/stable/c/450a844c045ff0895d41b05a1cbe8febd1acfcfd
- https://git.kernel.org/stable/c/a39e31e22a535d47b14656a7d6a893c7f6cf758c
- https://git.kernel.org/stable/c/b95629435b84b9ecc0c765995204a4d8a913ed52
- https://www.zerodayinitiative.com/advisories/ZDI-25-100/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.