5.5
CVE-2024-50285
- EPSS 0.05%
- Veröffentlicht 19.11.2024 02:16:30
- Zuletzt bearbeitet 01.10.2025 21:16:17
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
ksmbd: check outstanding simultaneous SMB operations
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbd_work_cache”. It will cause OOM issue. ksmbd has a credit mechanism but it can't handle this problem. This patch add the check if it exceeds max credits to prevent this problem by assuming that one smb request consumes at least one credit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 6.6.61
Linux ≫ Linux Kernel Version >= 6.7 < 6.11.8
Linux ≫ Linux Kernel Version6.12 Updaterc1
Linux ≫ Linux Kernel Version6.12 Updaterc2
Linux ≫ Linux Kernel Version6.12 Updaterc3
Linux ≫ Linux Kernel Version6.12 Updaterc4
Linux ≫ Linux Kernel Version6.12 Updaterc5
Linux ≫ Linux Kernel Version6.12 Updaterc6
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.14 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.