RHBA-2024%3A5207
In the Linux kernel, the following vulnerability has been resolved: cifs: fix mid leak during reconnection after timeout threshold When the number of responses with status of STATUS_IO_TIMEOUT exceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect the connection. But we do not return the mid, or the credits returned for the mid, or reduce the number of in-flight requests. This bug could result in the server->in_flight count to go bad, and also cause a leak in the mids. This change moves the check to a few lines below where the response is decrypted, even of the response is read from the transform header. This way, the code for returning the mids can be reused. Also, the cifs_reconnect was reconnecting just the transport connection before. In case of multi-channel, this may not be what we want to do after several timeouts. Changed that to reconnect the session and the tree too. Also renamed NUM_STATUS_IO_TIMEOUT to a more appropriate name MAX_STATUS_IO_TIMEOUT.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | rhel8/flatpak-sdk@sha256:37a786d6f9ebeb1f63d0672026492ec9040bf6eb50253ea1b9dc7c3e03a8a438_amd64 as a component of Red Hat Enterprise Linux AppStream (v. 8) | rhel8/flatpak-sdk@sha256:37a786d6f9ebeb1f63d0672026492ec9040bf6eb50253ea1b9dc7c3e03a8a438_amd64 |
Timeline
- Aug 12, 2024 CVE Published
- Feb 23, 2026 CVE Updated
- May 2, 2026 Distribution Patch
- May 2, 2026 Security Advisory
- May 2, 2026 Security Advisory
- May 2, 2026 Security Advisory
- May 2, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHBA-2024:5207 advisory
- https://access.redhat.com/errata/RHSA-2024:5101 advisory
- https://catalog.redhat.com/software/containers/registry/registry.access.redhat.com/repository/el8/flatpak-sdk advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2263879 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2265645 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2265650 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2265797 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2266341 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2266347 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2266497 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2266594 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2267787 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2268118 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2269070 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2269211 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2270084 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2270100 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2270700 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2271686 issue
- https://bugzilla.redhat.com/show_bug.cgi?id=2271688 issue
…and 155 more