CVE-2024-35861

Updated: 2024-12-30

CWE: CWE-416

Description:

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()

Skip sessions that are being torn down (status == SES_EXITING) to avoid UAF.

CVSS3: 7.8


Vendor State

| OS | Vendor version | Errata |
|---|---|---|
| RHEL 9 | 5.14.0-503.11.1.el9_5 | RHSA-2024:9315 |
| Debian 12 | 6.1.85-1 | DSA-5658-1 |
| Amazon Linux 2023 | 6.1.87-99.174.amzn2023 | ALAS-2024-613 |
| Ubuntu 24.04 | 6.8.0-38.38 | USN-6893-1 |

KernelCare State

| OS | Original kernel version | State |
|---|---|---|
| RHEL 9 | | Ready For Release |
| Debian 12 | | Planned |
| Amazon Linux 2023 | | Planned |
| Ubuntu 24.04 | | Planned |