CVE-2023-52757

EPSS 0.01%
Veröffentlicht 21.05.2024 16:15:15
Zuletzt bearbeitet 03.11.2025 20:16:05
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix potential deadlock when releasing mids

All release_mid() callers seem to hold a reference of @mid so there is
no need to call kref_put(&mid->refcount, __release_mid) under
@server->mid_lock spinlock.  If they don't, then an use-after-free bug
would have occurred anyways.

By getting rid of such spinlock also fixes a potential deadlock as
shown below

CPU 0                                CPU 1
------------------------------------------------------------------
cifs_demultiplex_thread()            cifs_debug_data_proc_show()
 release_mid()
  spin_lock(&server->mid_lock);
                                     spin_lock(&cifs_tcp_ses_lock)
				      spin_lock(&server->mid_lock)
  __release_mid()
   smb2_find_smb_tcon()
    spin_lock(&cifs_tcp_ses_lock) *deadlock*

Betroffene Produkte Warnungen 0 Metriken 2 CWE 2 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.1.64

Linux ≫ Linux Kernel Version >= 6.2 < 6.5.13

Linux ≫ Linux Kernel Version >= 6.6 < 6.6.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.01%	0.004

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

CWE-667 Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

https://git.kernel.org/stable/c/9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29

Patch

https://git.kernel.org/stable/c/b9bb9607b1fc12fca51f5632da25b36975f599bf

Patch

https://git.kernel.org/stable/c/c1a5962f1462b64fe7b69f20a4b6af8067bc2d26

Patch

https://git.kernel.org/stable/c/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7

Patch

https://git.kernel.org/stable/c/99f476e27aad5964ab13777d84fda67d1356dec1

https://git.kernel.org/stable/c/ce49569079a9d4cad26c0f1d4653382fd9a5ca7a

https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html

https://nvd.nist.gov/vuln/detail/CVE-2023-52757

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52757

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52757

EUVD