CVE-2024-50286

Published: Nov 19, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create There is a race condition between ksmbd_smb2_session_create and ksmbd_expire_session. This patch add missing sessions_table_lock while adding/deleting session from global session table.

Vendor	Product	Versions
Linux	Linux	affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < f56446ba5378d19e31040b548a14ee9a8f1500ea` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < e923503a56b3385b64ae492e3225e4623f560c5b` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < e7a2ad2044377853cf8c59528dac808a08a99c72` affected `0626e6641f6b467447c81dd7678a69c66f7746cf - < 0a77715db22611df50b178374c51e2ba0d58866e`
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `6.1.117 - <= 6.1.` unaffected `6.6.61 - <= 6.6.` unaffected `6.11.8 - <= 6.11.*` +1 more versions

References

https://git.kernel.org/stable/c/f56446ba5378d19e31040b548a14ee9a8f1500ea

https://git.kernel.org/stable/c/e923503a56b3385b64ae492e3225e4623f560c5b

https://git.kernel.org/stable/c/e7a2ad2044377853cf8c59528dac808a08a99c72

https://git.kernel.org/stable/c/0a77715db22611df50b178374c51e2ba0d58866e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-50286

Description

Affected Products

References