CVE-2024-26928

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26928
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26928.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26928
Downstream
Related
Published
2024-04-28T11:28:01.529Z
Modified
2025-11-28T02:35:42.927693Z
Summary
smb: client: fix potential UAF in cifs_debug_files_proc_show()
Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix potential UAF in cifsdebugfilesprocshow()

Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26928.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed
8f8718afd446cd4ea3b62bacc3eec09f8aae85ee
Fixed
a140224bcf87eb98a87b67ff4c6826c57e47b704
Fixed
229042314602db62559ecacba127067c22ee7b88
Fixed
a65f2b56334ba4dc30bd5ee9ce5b2691b973344d
Fixed
3402faf78b2516b0af1259baff50cc8453ef0bd1
Fixed
ca545b7f0823f19db0f1148d59bc5e1a56634502

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.237
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.180
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.85
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.26
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.8.5