CVE-2024-46736

Published: Sep 18, 2024Modified: Sep 26, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_rename_path() If smb2_set_path_attr() is called with a valid @cfile and returned -EINVAL, we need to call cifs_get_writable_path() again as the reference of @cfile was already dropped by previous smb2_compound_op() call.

Affected (8)

Products: Linux: Linux Kernel

Linux

1 product

Linux Kernel

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 6.6.32 to 6.6.51
Linux Linux Kernel	From 6.9 to 6.10.10
Linux Linux Kernel	Version 6.11 rc1
Linux Linux Kernel	Version 6.11 rc2
Linux Linux Kernel	Version 6.11 rc3
Linux Linux Kernel	Version 6.11 rc4
Linux Linux Kernel	Version 6.11 rc5
Linux Linux Kernel	Version 6.11 rc6

Related CWEs

CWE-415

Double Free

The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (3)

https://git.kernel.org/stable/c/1a46c7f6546b73cbf36f5a618a1a6bbb45391eb3

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3523a3df03c6f04f7ea9c2e7050102657e331a4f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b27ea9c96efd2c252a981fb00d0f001b86c90f3e

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

Timeline

No history available yet.