Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistLinuxCVELIST:CVE-2024-46742
HistorySep 18, 2024 - 7:12 a.m.

CVE-2024-46742 smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()

2024-09-1807:12:03
Linux
www.cve.org
9
linux kernel
cve-2024-46742
smb/server
vulnerability
fix
null-ptr-deref
lease_ctx_info
smb2_open
parse_lease_state
parse_durable_handle_context

EPSS

0

Percentile

16.4%

JSON

In the Linux kernel, the following vulnerability has been resolved:

smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()

null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE)
and parse_lease_state() return NULL.

Fix this by check if ‘lease_ctx_info’ is NULL.

Additionally, remove the redundant parentheses in
parse_durable_handle_context().

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/oplock.c",
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "1da177e4c3f4",
        "lessThan": "07f384c5be1f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "3b692794b81f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da177e4c3f4",
        "lessThan": "4e8771a3666c",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/smb/server/oplock.c",
      "fs/smb/server/smb2pdu.c"
    ],
    "versions": [
      {
        "version": "6.6.51",
        "lessThanOrEqual": "6.6.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.10.10",
        "lessThanOrEqual": "6.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.11",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

osv 1
cve 1
nvd 1
debiancve 1
osv
osv
CVE-2024-46742
2024-09-18 08:15:03
cve
cve
CVE-2024-46742
2024-09-18 08:15:03
nvd
nvd
CVE-2024-46742
2024-09-18 08:15:03
debiancve
debiancve
CVE-2024-46742
2024-09-18 08:15:03

EPSS

0

Percentile

16.4%

JSON
Related for CVELIST:CVE-2024-46742
osv1cve1nvd1debiancve1