In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix potential UAF in smb2isvalidleasebreak()
Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
{ "vanir_signatures": [ { "signature_type": "Function", "target": { "file": "fs/smb/client/smb2misc.c", "function": "smb2_is_valid_lease_break" }, "id": "CVE-2024-35864-0faf599b", "digest": { "length": 1447.0, "function_hash": "113120745430484388132478770006312280126" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a8344e2b69bde63f713b0aa796d70dbeadffddfb", "signature_version": "v1" }, { "signature_type": "Function", "target": { "file": "fs/smb/client/smb2misc.c", "function": "smb2_is_valid_lease_break" }, "id": "CVE-2024-35864-263a4034", "digest": { "length": 1447.0, "function_hash": "113120745430484388132478770006312280126" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c868cabdf6fdd61bea54532271f4708254e57fc5", "signature_version": "v1" }, { "signature_type": "Line", "target": { "file": "fs/smb/client/smb2misc.c" }, "id": "CVE-2024-35864-36ac4d7a", "digest": { "threshold": 0.9, "line_hashes": [ "316768831268859764710832990923612703411", "245997098625461161761519844372915809614", "301147941417827664997694115707317261846", "117309645403551182762775664641554292712" ] }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f92739fdd4522c4291277136399353d7c341fae4", "signature_version": "v1" }, { "signature_type": "Line", "target": { "file": "fs/smb/client/smb2misc.c" }, "id": "CVE-2024-35864-57ac5943", "digest": { "threshold": 0.9, "line_hashes": [ "126871403884537897194181615533056732464", "168377580259307180543468182725352055209", "301147941417827664997694115707317261846", "117309645403551182762775664641554292712" ] }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c868cabdf6fdd61bea54532271f4708254e57fc5", "signature_version": "v1" }, { "signature_type": "Line", "target": { "file": "fs/smb/client/smb2misc.c" }, "id": "CVE-2024-35864-b98a8f50", "digest": { "threshold": 0.9, "line_hashes": [ "316768831268859764710832990923612703411", "245997098625461161761519844372915809614", "301147941417827664997694115707317261846", "117309645403551182762775664641554292712" ] }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@705c76fbf726c7a2f6ff9143d4013b18daaaebf1", "signature_version": "v1" }, { "signature_type": "Function", "target": { "file": "fs/smb/client/smb2misc.c", "function": "smb2_is_valid_lease_break" }, "id": "CVE-2024-35864-cff9f5dd", "digest": { "length": 1447.0, "function_hash": "113120745430484388132478770006312280126" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f92739fdd4522c4291277136399353d7c341fae4", "signature_version": "v1" }, { "signature_type": "Line", "target": { "file": "fs/smb/client/smb2misc.c" }, "id": "CVE-2024-35864-ee9cb187", "digest": { "threshold": 0.9, "line_hashes": [ "316768831268859764710832990923612703411", "245997098625461161761519844372915809614", "301147941417827664997694115707317261846", "117309645403551182762775664641554292712" ] }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a8344e2b69bde63f713b0aa796d70dbeadffddfb", "signature_version": "v1" }, { "signature_type": "Function", "target": { "file": "fs/smb/client/smb2misc.c", "function": "smb2_is_valid_lease_break" }, "id": "CVE-2024-35864-f55f1f30", "digest": { "length": 1447.0, "function_hash": "113120745430484388132478770006312280126" }, "deprecated": false, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@705c76fbf726c7a2f6ff9143d4013b18daaaebf1", "signature_version": "v1" } ] }