VDB

CISA-2024-46742

CISA-2024-46742 PUBLISHED

Reported by Linux · Published September 18, 2024

In the Linux kernel, the following vulnerability has been resolved: smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE) and parse_lease_state() return NULL. Fix this by check if 'lease_ctx_info' is NULL. Additionally, remove the redundant parentheses in parse_durable_handle_context().

Affected Products

VendorProductVersions
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf, 0626e6641f6b467447c81dd7678a69c66f7746cf, 0626e6641f6b467447c81dd7678a69c66f7746cf
LinuxLinux5.15, 0, 5.15.181
linuxlinux_kernel5.15, 5.15, 5.15
LinuxLinux0626e6641f6b467447c81dd7678a69c66f7746cf, 0626e6641f6b467447c81dd7678a69c66f7746cf, 0626e6641f6b467447c81dd7678a69c66f7746cf

Timeline

  • Sep 18, 2024 CVE Published
  • Nov 3, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›