CVE-2024-50086: ksmbd: fix user-after-free from session log off

0.0 CVSS

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix user-after-free from session log off

There is racy issue between smb2 session log off and smb2 session setup.
It will cause user-after-free from session log off.
This add session_lock when setting SMB2_SESSION_EXPIRED and referece
count to session struct not to free session while it is being used.

Classification

CVE ID: CVE-2024-50086

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 5.06% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://git.kernel.org/stable/c/0f62358ce85b2d4c949ef1b648be01b29cec667a
https://git.kernel.org/stable/c/a9839c37fd813b432988f58a9d9dd59253d3eb2c
https://git.kernel.org/stable/c/5511999e9615e4318e9142d23b29bd1597befc08
https://git.kernel.org/stable/c/ee371898b53a9b9b51c02d22a8c31bfb86d45f0d
https://git.kernel.org/stable/c/7aa8804c0b67b3cb263a472d17f2cb50d7f1a930

Timeline

2024-12-10 00:31:34 UTC
CVE

ksmbd: fix user-after-free from session log off
2025-03-06 09:45:36 UTC
Tenable Plugins

Linux Distros Unpatched Vulnerability : CVE-2024-50086