7.8
CVE-2024-50283
- EPSS 0.24%
- Veröffentlicht 19.11.2024 02:16:30
- Zuletzt bearbeitet 03.11.2025 23:17:10
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp ksmbd_user_session_put should be called under smb3_preauth_hash_rsp(). It will avoid freeing session before calling smb3_preauth_hash_rsp().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.1.117
Linux ≫ Linux Kernel Version >= 6.2 < 6.6.61
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.8
Linux ≫ Linux Kernel Version6.12 Updaterc1
Linux ≫ Linux Kernel Version6.12 Updaterc2
Linux ≫ Linux Kernel Version6.12 Updaterc3
Linux ≫ Linux Kernel Version6.12 Updaterc4
Linux ≫ Linux Kernel Version6.12 Updaterc5
Linux ≫ Linux Kernel Version6.12 Updaterc6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.151 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
https://git.kernel.org/stable/c/1b6ad475d4ed577d34e0157eb507be00c588bf5c
https://git.kernel.org/stable/c/b8fc56fbca7482c1e5c0e3351c6ae78982e25ada
https://git.kernel.org/stable/c/c6cdc08c25a868a08068dfc319fa9fce982b8e7f
https://git.kernel.org/stable/c/cb645064e0811053c94e86677f2e58ed29359d62
https://git.kernel.org/stable/c/f7557bbca40d4ca8bb1c6c940ac6c95078bd0827
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html