CVE-2024-58087

Sažetak

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from session lookup and expire Increment the session reference count within the lock for lookup to avoid racy issue with session expire.

Reference

https://git.kernel.org/stable/c/2107ab40629aeabbec369cf34b8cf0f288c3eb1b
https://git.kernel.org/stable/c/37a0e2b362b3150317fb6e2139de67b1e29ae5ff
https://git.kernel.org/stable/c/450a844c045ff0895d41b05a1cbe8febd1acfcfd
https://git.kernel.org/stable/c/a39e31e22a535d47b14656a7d6a893c7f6cf758c
https://git.kernel.org/stable/c/b95629435b84b9ecc0c765995204a4d8a913ed52
https://www.zerodayinitiative.com/advisories/ZDI-25-100/

CVSS

Base:	8.1
Impact:	5.9
Exploitability:	2.2

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

13-03-2025 - 16:22

Objavljeno

12-03-2025 - 08:15