GHSA-jh47-c26g-fr5q

Опубликовано: 19 нояб. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7

Описание

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create

There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table.

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create

There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table.

Ссылки

EPSS

Процентиль: 5%

0.00021

Низкий

7 High

CVSS3

CVE ID

CVE-2024-50286

Дефекты

CWE-416

Связанные уязвимости

CVE-2024-50286

CVSS3: 7

ubuntu

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table.