ksmbd:修复 ksmbd_smb2_session_create 中的 slab-use-after-free 问题(CVE-2024-50286)
CVE编号
CVE-2024-50286
利用情况
暂无
补丁情况
N/A
披露时间
2024-11-19
漏洞描述
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create
There is a race condition between ksmbd_smb2_session_create and
ksmbd_expire_session. This patch add missing sessions_table_lock
while adding/deleting session from global session table.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
文章评论