CVE-2024-58087: ksmbd: fix racy issue from session lookup and expire

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix racy issue from session lookup and expire

Increment the session reference count within the lock for lookup to avoid
racy issue with session expire.
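The pattern the fix describes, as an added user-space example (not ksmbd code and not taken from the referenced commits): the lookup takes the caller's reference before it releases the lock that expiry also takes. All names here (`session_lookup_get`, `session_expire_all`, `table_lock`, `freed_count`) are hypothetical, and a pthread mutex stands in for the kernel's locking.

```c
/* User-space model of the pattern; not ksmbd code, all names hypothetical. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdlib.h>

struct session { unsigned long id; atomic_int refcnt; struct session *next; };
static struct session *head;            /* the list holds one ref per entry */
static pthread_mutex_t table_lock = PTHREAD_MUTEX_INITIALIZER;
static atomic_int freed_count;          /* demo instrumentation only */

static void session_put(struct session *s) {
    if (atomic_fetch_sub(&s->refcnt, 1) == 1) {   /* last reference dropped */
        atomic_fetch_add(&freed_count, 1);
        free(s);
    }
}

static int session_add(unsigned long id) {
    struct session *s = calloc(1, sizeof(*s));
    if (!s) return -1;
    s->id = id;
    atomic_init(&s->refcnt, 1);                   /* the list's reference */
    pthread_mutex_lock(&table_lock);
    s->next = head; head = s;
    pthread_mutex_unlock(&table_lock);
    return 0;
}

/* Take the caller's reference before unlocking, so expiry cannot free the
 * session between "found" and "referenced". */
static struct session *session_lookup_get(unsigned long id) {
    struct session *s;
    pthread_mutex_lock(&table_lock);
    s = head;
    while (s && s->id != id) s = s->next;
    if (s) atomic_fetch_add(&s->refcnt, 1);       /* still under the lock */
    pthread_mutex_unlock(&table_lock);
    return s;
}

/* Expiry unlinks under the same lock and drops only the list's reference. */
static int session_expire_all(void) {
    int n = 0;
    pthread_mutex_lock(&table_lock);
    for (struct session *s; (s = head); n++) { head = s->next; session_put(s); }
    pthread_mutex_unlock(&table_lock);
    return n;
}
```

If the increment were moved after `pthread_mutex_unlock`, an expiry running in that gap could free the session and the caller would bump the reference count on freed memory.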

Classification

CVE ID: CVE-2024-58087

Affected Products

Vendor: Linux

Product: Linux

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.1% (probability of being exploited)

EPSS Percentile: 25.48% (share of scored vulnerabilities with an equal or lower score)

EPSS Date: 2025-04-10 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2024-58087
https://git.kernel.org/stable/c/2107ab40629aeabbec369cf34b8cf0f288c3eb1b
https://git.kernel.org/stable/c/37a0e2b362b3150317fb6e2139de67b1e29ae5ff
https://git.kernel.org/stable/c/450a844c045ff0895d41b05a1cbe8febd1acfcfd
https://git.kernel.org/stable/c/a39e31e22a535d47b14656a7d6a893c7f6cf758c
https://git.kernel.org/stable/c/b95629435b84b9ecc0c765995204a4d8a913ed52