CVE-2024-35864

Published: May 19, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

Vendor	Product	Versions
Linux	Linux	affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < c868cabdf6fdd61bea54532271f4708254e57fc5` affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < f92739fdd4522c4291277136399353d7c341fae4` affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < a8344e2b69bde63f713b0aa796d70dbeadffddfb` affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < 705c76fbf726c7a2f6ff9143d4013b18daaaebf1` affected `a67172a013953664b1dad03c648200c70b90506c` +1 more versions
Linux	Linux	affected `3.13` unaffected `0 - < 3.13` unaffected `6.1.85 - <= 6.1.` unaffected `6.6.26 - <= 6.6.` unaffected `6.8.5 - <= 6.8.*` +1 more versions

References

https://git.kernel.org/stable/c/c868cabdf6fdd61bea54532271f4708254e57fc5

https://git.kernel.org/stable/c/f92739fdd4522c4291277136399353d7c341fae4

https://git.kernel.org/stable/c/a8344e2b69bde63f713b0aa796d70dbeadffddfb

https://git.kernel.org/stable/c/705c76fbf726c7a2f6ff9143d4013b18daaaebf1

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35864

Description

Affected Products

References