7.8

CVE-2024-46736

smb: client: fix double put of @cfile in smb2_rename_path()

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix double put of @cfile in smb2_rename_path()

If smb2_set_path_attr() is called with a valid @cfile and returned
-EINVAL, we need to call cifs_get_writable_path() again as the
reference of @cfile was already dropped by previous smb2_compound_op()
call.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 6.6.32 < 6.6.51
LinuxLinux Kernel Version >= 6.9 < 6.10.10
LinuxLinux Kernel Version6.11 Updaterc1
LinuxLinux Kernel Version6.11 Updaterc2
LinuxLinux Kernel Version6.11 Updaterc3
LinuxLinux Kernel Version6.11 Updaterc4
LinuxLinux Kernel Version6.11 Updaterc5
LinuxLinux Kernel Version6.11 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.24% 0.154
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-415 Double Free

The product calls free() twice on the same memory address.

https://git.kernel.org/stable/c/1a46c7f6546b73cbf36f5a618a1a6bbb45391eb3
Patch
https://git.kernel.org/stable/c/3523a3df03c6f04f7ea9c2e7050102657e331a4f
Patch
https://git.kernel.org/stable/c/b27ea9c96efd2c252a981fb00d0f001b86c90f3e
Patch