AZL-35452

See a problem?
Import Source
https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-35452.json
JSON Data
https://api.test.osv.dev/v1/vulns/AZL-35452
Upstream
Published
2024-02-23T14:15:45Z
Modified
2026-04-01T05:12:59.234679Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
CVE-2024-26594 affecting package hyperv-daemons for versions less than 5.15.153.1-1
Details

In the Linux kernel, the following vulnerability has been resolved:

ksmbd: validate mech token in session setup

If client send invalid mech token in session setup request, ksmbd validate and make the error if it is invalid.

References

Affected packages

Azure Linux:2 / hyperv-daemons

Package

Name
hyperv-daemons
Purl
pkg:rpm/azure-linux/hyperv-daemons

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.15.153.1-1

Database specific

source 
"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-35452.json"