9 matches found
CVE-2023-53794
CVE-2023-53794 is a Linux kernel issue related to the CIFS session reconnect path. The provided documents confirm a fix for a use-after-free vulnerability by hardening the session state check in smb2_reconnect_server() and by avoiding collecting the exiting session in the reconnect flow. Affected...
SUSE CVE-2025-38379
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...
CVE-2025-38379
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...
CVE-2025-38379
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2reconnectserver, a dummy tcon is passed down to smb2reconnect with -queryinterface uninitialized, so we can't call queuedelayedwork on it. Fix...
Linux Distros Unpatched Vulnerability : CVE-2024-35870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix UAF in smb2reconnectserver The UAF bug is due to smb2reconnectserver accessing a session that is already being teared down by another thread th...
kernel: smb: client: fix UAF in smb2_reconnect_server()
A flaw was found in the smb client in the Linux kernel. A potential use-after-free error was seen in the smb2reconnectserver function. This issue can lead to the crash of a client user session...
DEBIAN-CVE-2024-35870
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver The UAF bug is due to smb2reconnectserver accessing a session that is already being teared down by another thread that is executing cifsputsmbses. This can happen when a the client has...
UBUNTU-CVE-2024-35870
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver The UAF bug is due to smb2reconnectserver accessing a session that is already being teared down by another thread that is executing cifsputsmbses. This can happen when a the client has...
PT-2024-3838
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.37 Description The issue is related to a Use-After-Free UAF bug in the smb2 reconnect server function. This bug occurs when smb2 reconnect server accesses a session that is already being torn down by another...