CVE-2024-58087

Published: Mar 12, 2025Modified: Apr 23, 2026

8.1

Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.2 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from session lookup and expire Increment the session reference count within the lock for lookup to avoid racy issue with session expire.

Affected (7)

Products: Linux: Linux Kernel

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.15.145 to 5.15.176
Linux Linux Kernel	From 6.1.29 to 6.1.121
Linux Linux Kernel	From 6.2.16 to 6.3
Linux Linux Kernel	From 6.3.2 to 6.4
Linux Linux Kernel	From 6.7 to 6.12.6
Linux Linux Kernel	Version 6.13 rc1
Linux Linux Kernel	Version 6.13 rc2

Related CWEs

Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

References (6)

https://git.kernel.org/stable/c/2107ab40629aeabbec369cf34b8cf0f288c3eb1b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/37a0e2b362b3150317fb6e2139de67b1e29ae5ff

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/450a844c045ff0895d41b05a1cbe8febd1acfcfd

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a39e31e22a535d47b14656a7d6a893c7f6cf758c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b95629435b84b9ecc0c765995204a4d8a913ed52

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://www.zerodayinitiative.com/advisories/ZDI-25-100/

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

PatchThird Party Advisory

Timeline

No history available yet.