Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2023-52480

UNKNOWN

Published 2024-02-29T05:43:12.019Z

Actions:

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: fix race condition between session lookup and expire

Thread A + Thread B
ksmbd_session_lookup | smb2_sess_setup
sess = xa_load |
|
| xa_erase(&conn->sessions, sess->id);
|
| ksmbd_session_destroy(sess) --> kfree(sess)
|
// UAF! |
sess->last_active = jiffies |
+

This patch add rwsem to fix race condition between ksmbd_session_lookup
and ksmbd_expire_session.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Affected Versions:

0626e6641f6b467447c81dd7678a69c66f7746cf 0626e6641f6b467447c81dd7678a69c66f7746cf 0626e6641f6b467447c81dd7678a69c66f7746cf 0626e6641f6b467447c81dd7678a69c66f7746cf

Linux

Affected Versions:

5.15 0 5.15.145 6.1.57 6.5.7 6.6

References

https://git.kernel.org/stable/c/c77fd3e25a51ac92b0f1b347a96eff6a0b4f066f

https://git.kernel.org/stable/c/a2ca5fd3dbcc665e1169044fa0c9e3eba779202b

https://git.kernel.org/stable/c/18ced78b0ebccc2d16f426143dc56ab3aad666be

https://git.kernel.org/stable/c/53ff5cf89142b978b1a5ca8dc4d4425e6a09745f

Published: 2024-02-29T05:43:12.019Z

Last Modified: 2025-05-04T07:37:35.635Z

Copied to clipboard!