CVE-2023-52757
Published: May 21, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All release_mid() callers seem to hold a reference of @mid so there is no need to call kref_put(&mid->refcount, __release_mid) under @server->mid_lock spinlock. If they don't, then an use-after-free bug would have occurred anyways. By getting rid of such spinlock also fixes a potential deadlock as shown below CPU 0 CPU 1 ------------------------------------------------------------------ cifs_demultiplex_thread() cifs_debug_data_proc_show() release_mid() spin_lock(&server->mid_lock); spin_lock(&cifs_tcp_ses_lock) spin_lock(&server->mid_lock) __release_mid() smb2_find_smb_tcon() spin_lock(&cifs_tcp_ses_lock) *deadlock*
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 7b71843fa7028475b052107664cbe120156a2cfc - < 99f476e27aad5964ab13777d84fda67d1356dec1affected 7b71843fa7028475b052107664cbe120156a2cfc - < ce49569079a9d4cad26c0f1d4653382fd9a5ca7aaffected 7b71843fa7028475b052107664cbe120156a2cfc - < 9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29affected 7b71843fa7028475b052107664cbe120156a2cfc - < b9bb9607b1fc12fca51f5632da25b36975f599bfaffected 7b71843fa7028475b052107664cbe120156a2cfc - < c1a5962f1462b64fe7b69f20a4b6af8067bc2d26+3 more versions |
Linux | Linux | affected 5.5unaffected 0 - < 5.5unaffected 5.10.237 - <= 5.10.*unaffected 5.15.181 - <= 5.15.*unaffected 6.1.64 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now