Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2023-52757HistoryMay 21, 2024 - 4:15 p.m.
CVE-2023-52757
2024-05-2116:15:15
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
linux
kernel
vulnerability
smb
deadlock
fix
potential
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix potential deadlock when releasing mids
All release_mid() callers seem to hold a reference of @mid so there is
no need to call kref_put(&mid->refcount, __release_mid) under
@server->mid_lock spinlock. If they don’t, then an use-after-free bug
would have occurred anyways.
By getting rid of such spinlock also fixes a potential deadlock as
shown below
CPU 0 CPU 1
cifs_demultiplex_thread() cifs_debug_data_proc_show()
release_mid()
spin_lock(&server->mid_lock);
spin_lock(&cifs_tcp_ses_lock)
spin_lock(&server->mid_lock)
__release_mid()
smb2_find_smb_tcon()
spin_lock(&cifs_tcp_ses_lock) deadlock
Related
redhatcve
redhatcve
CVE-2023-52757
2024-06-12 00:28:03
debiancve
debiancve
CVE-2023-52757
2024-05-21 16:15:15
cvelist
cvelist
CVE-2023-52757 smb: client: fix potential deadlock when releasing mids
2024-05-21 15:30:44
cve
cve
CVE-2023-52757
2024-05-21 16:15:15
ubuntucve
ubuntucve
CVE-2023-52757
2024-05-21 00:00:00
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)
2024-06-13 00:00:00
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2019-1)
2024-06-14 00:00:00