CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35869 – smb: client: guarantee refcounted children from parent session
https://notcve.org/view.php?id=CVE-2024-35869
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mounting and performing DFS failover by ensuring that all children from parent @tcon->ses are also refcounted. They're all needed across the entire DFS mount. Get rid of @tcon->dfs_ses_list while we're at it, too. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: garantiza que los hijo... • https://git.kernel.org/stable/c/645f332c6b63499cc76197f9b6bffcc659ba64cc • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35868 – smb: client: fix potential UAF in cifs_stats_proc_write()
https://notcve.org/view.php?id=CVE-2024-35868
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_stats_proc_write() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potentia... • https://git.kernel.org/stable/c/8fefd166fcb368c5fcf48238e3f7c8af829e0a72 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35867 – smb: client: fix potential UAF in cifs_stats_proc_show()
https://notcve.org/view.php?id=CVE-2024-35867
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_stats_proc_show() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential ... • https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2024-35866 – smb: client: fix potential UAF in cifs_dump_full_key()
https://notcve.org/view.php?id=CVE-2024-35866
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_dump_full_key() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. A use-after-free flaw was found in the Linux kernel in the smb client cifs_dump_full_key() when exi... • https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35865 – smb: client: fix potential UAF in smb2_is_valid_oplock_break()
https://notcve.org/view.php?id=CVE-2024-35865
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en smb2_is_valid_oplock_break() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. In the Linux kernel, the following vulnerability has been resolved: smb: client: fi... • https://git.kernel.org/stable/c/84488466b7a69570bdbf76dd9576847ab97d54e7 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35864 – smb: client: fix potential UAF in smb2_is_valid_lease_break()
https://notcve.org/view.php?id=CVE-2024-35864
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en smb2_is_valid_lease_break() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. A use-after-free flaw was found in the Linux kernel in smb smb2_is_valid_lease_break(... • https://git.kernel.org/stable/c/c868cabdf6fdd61bea54532271f4708254e57fc5 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35863 – smb: client: fix potential UAF in is_valid_oplock_break()
https://notcve.org/view.php?id=CVE-2024-35863
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en is_valid_oplock_break() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. A use-after-free flaw was found in the Linux kernel in smb is_valid_oplock_break() when exiti... • https://git.kernel.org/stable/c/494c91e1e9413b407d12166a61b84200d4d54fac • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35862 – smb: client: fix potential UAF in smb2_is_network_name_deleted()
https://notcve.org/view.php?id=CVE-2024-35862
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: client: corrige UAF potencial en smb2_is_network_name_deleted() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. A use-after-free flaw was found in the Linux kernel in smb smb2_is_network_name_... • https://git.kernel.org/stable/c/f9414004798d9742c1af23a1d839fe6a9503751c • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-35861 – smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()
https://notcve.org/view.php?id=CVE-2024-35861
19 May 2024 — In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_signal_cifsd_for_reconnect() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. In the Linux kernel, the following vulnerability has been resolved: smb: ... • https://git.kernel.org/stable/c/7e8360ac8774e19b0b25f44fff84a105bb2417e4 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-35855 – mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update
https://notcve.org/view.php?id=CVE-2024-35855
17 May 2024 — In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update The rule activity update delayed work periodically traverses the list of configured rules and queries their activity from the device. As part of this task it accesses the entry pointed by 'ventry->entry', but this entry can be changed concurrently by the rehash delayed work, leading to a use-after-free [1]. Fix by closing the race and perform the activity query und... • https://git.kernel.org/stable/c/2bffc5322fd8679e879cd6370881ee50cf141ada •