CVE-2024-39468

smb: client: fix deadlock in smb2_find_smb_tcon()

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix deadlock in smb2_find_smb_tcon() Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such deadlock.

References

Link	Tags
https://git.kernel.org/stable/c/b055752675cd1d1db4ac9c2750db3dc3e89ea261	patch
https://git.kernel.org/stable/c/21f5dd36e655d25a7b45b61c1e537198b671f720	patch
https://git.kernel.org/stable/c/b09b556e48968317887a11243a5331a7bc00ece5	patch
https://git.kernel.org/stable/c/225de871ddf994f69a57f035709cad9c0ab8615a	patch
https://git.kernel.org/stable/c/8d0f5f1ccf675454a833a573c53830a49b7d1a47	patch
https://git.kernel.org/stable/c/02c418774f76a0a36a6195c9dbf8971eb4130a15	patch

Frequently Asked Questions

What is the severity of CVE-2024-39468?: CVE-2024-39468 has been scored as a medium severity vulnerability.
How to fix CVE-2024-39468?: To fix CVE-2024-39468, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-39468 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-39468 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-39468?: CVE-2024-39468 affects Linux Linux, Linux Linux.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-667 – Improper Locking

References

Frequently Asked Questions