We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-50283

ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp



Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp ksmbd_user_session_put should be called under smb3_preauth_hash_rsp(). It will avoid freeing session before calling smb3_preauth_hash_rsp().

Reserved 2024-10-21 | Published 2024-11-19 | Updated 2024-12-09 | Assigner Linux

Product status

Default status
unaffected

0626e6641f6b before f7557bbca40d
affected

0626e6641f6b before c6cdc08c25a8
affected

0626e6641f6b before 1b6ad475d4ed
affected

0626e6641f6b before b8fc56fbca74
affected

Default status
affected

5.15
affected

Any version before 5.15
unaffected

6.1.117
unaffected

6.6.61
unaffected

6.11.8
unaffected

6.12
unaffected

References

git.kernel.org/...c/f7557bbca40d4ca8bb1c6c940ac6c95078bd0827

git.kernel.org/...c/c6cdc08c25a868a08068dfc319fa9fce982b8e7f

git.kernel.org/...c/1b6ad475d4ed577d34e0157eb507be00c588bf5c

git.kernel.org/...c/b8fc56fbca7482c1e5c0e3351c6ae78982e25ada

cve.org (CVE-2024-50283)

nvd.nist.gov (CVE-2024-50283)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-50283

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.