CVE-2024-35864 – smb: client: fix potential UAF in smb2_is_valid_lease_break()
https://notcve.org/view.php?id=CVE-2024-35864
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en smb2_is_valid_lease_break() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. • https://git.kernel.org/stable/c/c868cabdf6fdd61bea54532271f4708254e57fc5 https://git.kernel.org/stable/c/f92739fdd4522c4291277136399353d7c341fae4 https://git.kernel.org/stable/c/a8344e2b69bde63f713b0aa796d70dbeadffddfb https://git.kernel.org/stable/c/705c76fbf726c7a2f6ff9143d4013b18daaaebf1 •
CVE-2024-35863 – smb: client: fix potential UAF in is_valid_oplock_break()
https://notcve.org/view.php?id=CVE-2024-35863
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en is_valid_oplock_break() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. • https://git.kernel.org/stable/c/494c91e1e9413b407d12166a61b84200d4d54fac https://git.kernel.org/stable/c/0a15ba88a32fa7a516aff7ffd27befed5334dff2 https://git.kernel.org/stable/c/16d58c6a7db5050b9638669084b63fc05f951825 https://git.kernel.org/stable/c/69ccf040acddf33a3a85ec0f6b45ef84b0f7ec29 •
CVE-2024-35862 – smb: client: fix potential UAF in smb2_is_network_name_deleted()
https://notcve.org/view.php?id=CVE-2024-35862
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: client: corrige UAF potencial en smb2_is_network_name_deleted() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. • https://git.kernel.org/stable/c/f9414004798d9742c1af23a1d839fe6a9503751c https://git.kernel.org/stable/c/aa582b33f94453fdeaff1e7d0aa252c505975e01 https://git.kernel.org/stable/c/d919b6ea15ffa56fbafef4a1d92f47aeda9af645 https://git.kernel.org/stable/c/63981561ffd2d4987807df4126f96a11e18b0c1d •
CVE-2024-35861 – smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()
https://notcve.org/view.php?id=CVE-2024-35861
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: smb: cliente: corrige UAF potencial en cifs_signal_cifsd_for_reconnect() Omita las sesiones que se están eliminando (estado == SES_EXITING) para evitar UAF. • https://git.kernel.org/stable/c/7e8360ac8774e19b0b25f44fff84a105bb2417e4 https://git.kernel.org/stable/c/2cfff21732132e363b4cc275d63ea98f1af726c1 https://git.kernel.org/stable/c/f9a96a7ad1e8d25dc6662bc7552e0752de74a20d https://git.kernel.org/stable/c/e0e50401cc3921c9eaf1b0e667db174519ea939f •
CVE-2024-35857 – icmp: prevent possible NULL dereferences from icmp_build_probe()
https://notcve.org/view.php?id=CVE-2024-35857
In the Linux kernel, the following vulnerability has been resolved: icmp: prevent possible NULL dereferences from icmp_build_probe() First problem is a double call to __in_dev_get_rcu(), because the second one could return NULL. if (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list) Second problem is a read from dev->ip6_ptr with no NULL check: if (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list)) Use the correct RCU API to fix these. v2: add missing include <net/addrconf.h> En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: icmp: evita posibles desreferencias a NULL por parte de icmp_build_probe(). El primer problema es una doble llamada a __in_dev_get_rcu(), porque la segunda podría devolver NULL. if (__in_dev_get_rcu(dev) && __in_dev_get_rcu(dev)->ifa_list) El segundo problema es una lectura de dev->ip6_ptr sin verificación NULL: if (!list_empty(&rcu_dereference(dev->ip6_ptr)->addr_list)) Use el correcto API de RCU para solucionarlos. v2: agregar falta incluir • https://git.kernel.org/stable/c/d329ea5bd8845f0b196bf41b18b6173340d6e0e4 https://git.kernel.org/stable/c/23b7ee4a8d559bf38eac7ce5bb2f6ebf76f9c401 https://git.kernel.org/stable/c/599c9ad5e1d43f5c12d869f5fd406ba5d8c55270 https://git.kernel.org/stable/c/d68dc711d84fdcf698e5d45308c3ddeede586350 https://git.kernel.org/stable/c/3e2979bf080c40da4f7c93aff8575ab8bc62b767 https://git.kernel.org/stable/c/c58e88d49097bd12dfcfef4f075b43f5d5830941 https://access.redhat.com/security/cve/CVE-2024-35857 https://bugzilla.redhat.com/show_bug.cgi?id=2281247 •