SUSE CVE-2024-35863

🗓️ 21 May 2024 01:59:43Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

Linux kernel SMB client fixes potential use-after-free in is_valid_oplock_break by skipping SES_EXITING sessions.

Reporter	Title	Published	Views	Family All 362
AstraLinux	Astra Linux – Vulnerability in Linux 6.1	3 May 202623:59	–	astralinux
BDU FSTEC	The vulnerability of the is_valid_oplock_break() function in the client implementation of the SMB protocol in Linux operating systems allows a hacker to cause a service failure.	30 May 202400:00	–	bdu_fstec
Circl	CVE-2024-35863	3 Dec 202514:14	–	circl
CNNVD	Linux kernel 安全漏洞	19 May 202400:00	–	cnnvd
CVE	CVE-2024-35863	19 May 202408:34	–	cve
Cvelist	CVE-2024-35863 smb: client: fix potential UAF in is_valid_oplock_break()	19 May 202408:34	–	cvelist
Debian CVE	CVE-2024-35863	19 May 202408:34	–	debiancve
Oracle linux	kernel security update	14 Nov 202400:00	–	oraclelinux
Tenable Nessus	MiracleLinux 9 : kernel-5.14.0-503.11.1.el9_5 (AXSA:2025-9528:03)	20 Jan 202600:00	–	nessus
Tenable Nessus	Oracle Linux 9 : kernel (ELSA-2024-9315)	19 Nov 202400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
OpenSUSE Leap	15.5	any	cluster-md-kmp-64kb	5.14.21-150500.55.68.1	cluster-md-kmp-64kb-5.14.21-150500.55.68.1.noarch.rpm
OpenSUSE Leap	15.6	any	cluster-md-kmp-64kb	6.4.0-150600.23.7.3	cluster-md-kmp-64kb-6.4.0-150600.23.7.3.noarch.rpm
OpenSUSE Leap	15.5	any	cluster-md-kmp-azure	5.14.21-150500.33.57.1	cluster-md-kmp-azure-5.14.21-150500.33.57.1.noarch.rpm
OpenSUSE Leap	15.6	any	cluster-md-kmp-azure	6.4.0-150600.8.5.4	cluster-md-kmp-azure-6.4.0-150600.8.5.4.noarch.rpm
SUSE Linux Enterprise Server	12.5	any	cluster-md-kmp-default	4.12.14-122.222.1	cluster-md-kmp-default-4.12.14-122.222.1.noarch.rpm
SUSE Linux Enterprise Server	15.4	any	cluster-md-kmp-default	5.14.21-150400.24.122.2	cluster-md-kmp-default-5.14.21-150400.24.122.2.noarch.rpm
OpenSUSE Leap	15.5	any	cluster-md-kmp-default	5.14.21-150500.55.68.1	cluster-md-kmp-default-5.14.21-150500.55.68.1.noarch.rpm
SUSE Linux Enterprise Server	15.5	any	cluster-md-kmp-default	5.14.21-150500.55.68.1	cluster-md-kmp-default-5.14.21-150500.55.68.1.noarch.rpm
SUSE Linux Enterprise Server	15.3	any	cluster-md-kmp-default	5.3.18-150300.59.195.1	cluster-md-kmp-default-5.3.18-150300.59.195.1.noarch.rpm
OpenSUSE Leap	15.6	any	cluster-md-kmp-default	6.4.0-150600.23.7.3	cluster-md-kmp-default-6.4.0-150600.23.7.3.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2024-35863
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1224763
bugzilla	www.bugzilla.suse.com/1225011
lists	www.lists.suse.com/pipermail/sle-updates/2024-June/035569.html
lists	www.lists.suse.com/pipermail/sle-updates/2024-June/035575.html
lists	www.lists.suse.com/pipermail/sle-updates/2024-June/035578.html
lists	www.lists.suse.com/pipermail/sle-updates/2024-June/035681.html
lists	www.lists.suse.com/pipermail/sle-updates/2024-June/035721.html
lists	www.lists.suse.com/pipermail/sle-updates/2024-June/035732.html

06 Jun 2026 04:04Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.17.8

EPSS0.00241

linux kernel server message block use after free oplock break session teardown