Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-35866
PUBLISHED
More InfoOfficial Page
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
View Known Exploited Vulnerability (KEV) details
Published At-19 May, 2024 | 08:34
Updated At-04 May, 2025 | 09:07
Rejected At-
▼CVE Numbering Authority (CNA)
smb: client: fix potential UAF in cifs_dump_full_key()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/smb/client/ioctl.c
Default Status
unaffected
Versions
Affected
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before d798fd98e3563027c5162259ead517057d6fa794 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before f4a60d360d9114b5085701a3702a0102b0d6d846 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 10e17ca4000ec34737bde002a13435c38ace2682 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 3103163ccd3be4adcfa37e15608fb497be044113 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 58acd1f497162e7d282077f816faa519487be045 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • fs/smb/client/ioctl.c
Default Status
affected
Versions
Unaffected
  • From 5.15.181 through 5.15.* (semver)
  • From 6.1.132 through 6.1.* (semver)
  • From 6.6.26 through 6.6.* (semver)
  • From 6.8.5 through 6.8.* (semver)
  • From 6.9 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/d798fd98e3563027c5162259ead517057d6fa794
N/A
https://git.kernel.org/stable/c/f4a60d360d9114b5085701a3702a0102b0d6d846
N/A
https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682
N/A
https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113
N/A
https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045
N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682
x_transferred
https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113
x_transferred
https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045
x_transferred
Details not found