CVE-2024-35869

Published: May 19, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mounting and performing DFS failover by ensuring that all children from parent @tcon->ses are also refcounted. They're all needed across the entire DFS mount. Get rid of @tcon->dfs_ses_list while we're at it, too.

Vendor	Product	Versions
Linux	Linux	affected `8e3554150d6c80a84b3cb046615d1a0e943811dc - < 645f332c6b63499cc76197f9b6bffcc659ba64cc` affected `8e3554150d6c80a84b3cb046615d1a0e943811dc - < e1db9ae87b7148c021daee1fcc4bc71b2ac58a79` affected `8e3554150d6c80a84b3cb046615d1a0e943811dc - < 062a7f0ff46eb57aff526897bd2bebfdb1d3046a` affected `f30d226bcc9f0e2d97b4a6e94c43a28148fbeab6` affected `c082c3be0f96e759ff2e361d929832fda0b93851` +2 more versions
Linux	Linux	affected `6.4` unaffected `0 - < 6.4` unaffected `6.6.29 - <= 6.6.` unaffected `6.8.5 - <= 6.8.` unaffected `6.9 - <= *`

References

https://git.kernel.org/stable/c/645f332c6b63499cc76197f9b6bffcc659ba64cc

https://git.kernel.org/stable/c/e1db9ae87b7148c021daee1fcc4bc71b2ac58a79

https://git.kernel.org/stable/c/062a7f0ff46eb57aff526897bd2bebfdb1d3046a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35869

Description

Affected Products

References