CVE-2024-50286 – ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create
https://notcve.org/view.php?id=CVE-2024-50286
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf https://git.kernel.org/stable/c/f56446ba5378d19e31040b548a14ee9a8f1500ea https://git.kernel.org/stable/c/e923503a56b3385b64ae492e3225e4623f560c5b https://git.kernel.org/stable/c/e7a2ad2044377853cf8c59528dac808a08a99c72 https://git.kernel.org/stable/c/0a77715db22611df50b178374c51e2ba0d58866e •
CVE-2024-50285 – ksmbd: check outstanding simultaneous SMB operations
https://notcve.org/view.php?id=CVE-2024-50285
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbd_work_cacheā. It will cause OOM issue. ksmbd has a credit mechanism but it can't handle this problem. This patch add the check if it exceeds max credits to prevent this problem by assuming that one smb request consumes at least one credit. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of the Linux Kernel. Authentication is not required to exploit this vulnerability. • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf https://git.kernel.org/stable/c/1f993777275cbd8f74765c4f9d9285cb907c9be5 https://git.kernel.org/stable/c/e257ac6fe138623cf59fca8898abdf659dbc8356 https://git.kernel.org/stable/c/0a77d947f599b1f39065015bec99390d0c0022ee •
CVE-2024-50284 – ksmbd: Fix the missing xa_store error check
https://notcve.org/view.php?id=CVE-2024-50284
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix the missing xa_store error check xa_store() can fail, it return xa_err(-EINVAL) if the entry cannot be stored in an XArray, or xa_err(-ENOMEM) if memory allocation failed, so check error for xa_store() to fix it. • https://git.kernel.org/stable/c/052b41ef2abe274f068e892aee81406f11bd1f3a https://git.kernel.org/stable/c/b685757c7b08d5073046fb379be965fd6c06aafc https://git.kernel.org/stable/c/1f485b54d04a920723984062c912174330a05178 https://git.kernel.org/stable/c/d8664ce789bd46290c59a00da6897252f92c237d https://git.kernel.org/stable/c/726c1568b9145fa13ee248df184b186c382a7ff8 https://git.kernel.org/stable/c/c2a232c4f790f4bcd4d218904c56ac7a39a448f5 https://git.kernel.org/stable/c/3abab905b14f4ba756d413f37f1fb02b708eee93 •
CVE-2024-50283 – ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp
https://notcve.org/view.php?id=CVE-2024-50283
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in smb3_preauth_hash_rsp ksmbd_user_session_put should be called under smb3_preauth_hash_rsp(). It will avoid freeing session before calling smb3_preauth_hash_rsp(). • https://git.kernel.org/stable/c/0626e6641f6b467447c81dd7678a69c66f7746cf https://git.kernel.org/stable/c/cb645064e0811053c94e86677f2e58ed29359d62 https://git.kernel.org/stable/c/f7557bbca40d4ca8bb1c6c940ac6c95078bd0827 https://git.kernel.org/stable/c/c6cdc08c25a868a08068dfc319fa9fce982b8e7f https://git.kernel.org/stable/c/1b6ad475d4ed577d34e0157eb507be00c588bf5c https://git.kernel.org/stable/c/b8fc56fbca7482c1e5c0e3351c6ae78982e25ada •
CVE-2024-50282 – drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()
https://notcve.org/view.php?id=CVE-2024-50282
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() Avoid a possible buffer overflow if size is larger than 4K. (cherry picked from commit f5d873f5825b40d886d03bd2aede91d4cf002434) • https://git.kernel.org/stable/c/673bdb4200c092692f83b5f7ba3df57021d52d29 https://git.kernel.org/stable/c/7ccd781794d247589104a791caab491e21218fba https://git.kernel.org/stable/c/17f5f18085acb5e9d8d13d84a4e12bb3aff2bd64 https://git.kernel.org/stable/c/aaf6160a4b7f9ee3cd91aa5b3251f5dbe2170f42 https://git.kernel.org/stable/c/25d7e84343e1235b667cf5226c3934fdf36f0df6 https://git.kernel.org/stable/c/8906728f2fbd6504cb488f4afdd66af28f330a7a https://git.kernel.org/stable/c/2faaee36e6e30f9efc7fa6bcb0bdcbe05c23f51f https://git.kernel.org/stable/c/4d75b9468021c73108b4439794d69e892 •