CVE-2024-35869

HIGH Year: 2024
CVSS v3 Score
8.4
High
Weakness Type
CWE-416
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: guarantee refcounted children from parent session Avoid potential use-after-free bugs when walking DFS referrals, mounting and performing DFS failover by ensuring that all children from parent @tcon->ses are also refcounted. They're all needed across the entire DFS mount. Get rid of @tcon->dfs_ses_list while we're at it, too.

Related Vulnerabilities

CVE-2018-5891

HIGH
CVSS:8.4(High)

While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHand...

CWE-4162018

CVE-2018-9428

HIGH
CVSS:8.4(High)

In startDevice of AAudioServiceStreamBase.cpp there is a possible out of bounds write due to a use after free. This could lead to local arbitrary code execution with no additional execution privileges...

CWE-4162018

CVE-2021-46973

HIGH
CVSS:8.4(High)

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Avoid potential use after free in MHI send It is possible that the MHI ul_callback will be invoked immediately following ...

CWE-4162021

CVE-2021-47232

HIGH
CVSS:8.4(High)

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found by the syzbot. The problem is that...

CWE-4162021

CVE-2021-47456

HIGH
CVSS:8.4(High)

In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will cause...

CWE-4162021