CVE-2024-35868

Published: May 19, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

Vendor	Product	Versions
Linux	Linux	affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < 8fefd166fcb368c5fcf48238e3f7c8af829e0a72` affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < cf03020c56d3ed28c4942280957a007b5e9544f7` affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < 5b5475ce69f02ecc1b13ea23106e5b89c690429b` affected `7f48558e6489d032b1584b0cc9ac4bb11072c034 - < d3da25c5ac84430f89875ca7485a3828150a7e0a` affected `a67172a013953664b1dad03c648200c70b90506c` +1 more versions
Linux	Linux	affected `3.13` unaffected `0 - < 3.13` unaffected `6.1.85 - <= 6.1.` unaffected `6.6.26 - <= 6.6.` unaffected `6.8.5 - <= 6.8.*` +1 more versions

References

https://git.kernel.org/stable/c/8fefd166fcb368c5fcf48238e3f7c8af829e0a72

https://git.kernel.org/stable/c/cf03020c56d3ed28c4942280957a007b5e9544f7

https://git.kernel.org/stable/c/5b5475ce69f02ecc1b13ea23106e5b89c690429b

https://git.kernel.org/stable/c/d3da25c5ac84430f89875ca7485a3828150a7e0a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35868

Description

Affected Products

References