CVE-2024-35868 – smb: client: fix potential UAF in cifs_stats_proc_write()
https://notcve.org/view.php?id=CVE-2024-35868
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write(). Skip sessions that are being torn down (status == SES_EXITING) to avoid UAF.
• https://git.kernel.org/stable/c/8fefd166fcb368c5fcf48238e3f7c8af829e0a72
• https://git.kernel.org/stable/c/cf03020c56d3ed28c4942280957a007b5e9544f7
• https://git.kernel.org/stable/c/5b5475ce69f02ecc1b13ea23106e5b89c690429b
• https://git.kernel.org/stable/c/d3da25c5ac84430f89875ca7485a3828150a7e0a

CVE-2024-35867 – smb: client: fix potential UAF in cifs_stats_proc_show()
https://notcve.org/view.php?id=CVE-2024-35867
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show(). Skip sessions that are being torn down (status == SES_EXITING) to avoid UAF.
• https://git.kernel.org/stable/c/16b7d785775eb03929766819415055e367398f49
• https://git.kernel.org/stable/c/c3cf8b74c57924c0985e49a1fdf02d3395111f39
• https://git.kernel.org/stable/c/1e12f0d5c66f07c934041621351973a116fa13c7
• https://git.kernel.org/stable/c/0865ffefea197b437ba78b5dd8d8e256253efd65
• http://www.openwall.com/lists/oss-security/2024/05/29/2
• http://www.openwall.com/lists/oss-security/2024/05/30/1
• http://www.openwall.com/lists/oss-security/2024/05/30/2
• https://access.redhat.com/security/cve/CVE-2024-358

CVE-2024-35866 – smb: client: fix potential UAF in cifs_dump_full_key()
https://notcve.org/view.php?id=CVE-2024-35866
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key(). Skip sessions that are being torn down (status == SES_EXITING) to avoid UAF.
A use-after-free flaw was found in the Linux kernel in the smb client cifs_dump_full_key() when exiting a session. This flaw allows a local attacker to crash the system.
• https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682
• https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113
• https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045
• https://access.redhat.com/security/cve/CVE-2024-35866
• https://bugzilla.redhat.com/show_bug.cgi?id=2281760
• CWE-416: Use After Free

CVE-2024-35865 – smb: client: fix potential UAF in smb2_is_valid_oplock_break()
https://notcve.org/view.php?id=CVE-2024-35865
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break(). Skip sessions that are being torn down (status == SES_EXITING) to avoid UAF.
• https://git.kernel.org/stable/c/84488466b7a69570bdbf76dd9576847ab97d54e7
• https://git.kernel.org/stable/c/21fed37d2bdcde33453faf61d3d4d96c355f04bd
• https://git.kernel.org/stable/c/3dba0e5276f131e36d6d8043191d856f49238628
• https://git.kernel.org/stable/c/22863485a4626ec6ecf297f4cc0aef709bc862e4
• https://access.redhat.com/security/cve/CVE-2024-35865
• https://bugzilla.redhat.com/show_bug.cgi?id=2281763

CVE-2024-35864 – smb: client: fix potential UAF in smb2_is_valid_lease_break()
https://notcve.org/view.php?id=CVE-2024-35864
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break(). Skip sessions that are being torn down (status == SES_EXITING) to avoid UAF.
A use-after-free flaw was found in the Linux kernel in smb smb2_is_valid_lease_break() when exiting a session. This flaw allows a local attacker to crash the system.
• https://git.kernel.org/stable/c/c868cabdf6fdd61bea54532271f4708254e57fc5
• https://git.kernel.org/stable/c/f92739fdd4522c4291277136399353d7c341fae4
• https://git.kernel.org/stable/c/a8344e2b69bde63f713b0aa796d70dbeadffddfb
• https://git.kernel.org/stable/c/705c76fbf726c7a2f6ff9143d4013b18daaaebf1
• https://access.redhat.com/security/cve/CVE-2024-35864
• https://bugzilla.redhat.com/show_bug.cgi?id=2281769
• CWE-416: Use After Free