CVE-2023-52757
- Source
- https://cve.org/CVERecord?id=CVE-2023-52757
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52757.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52757
- Downstream
- Related
- Published
- 2024-05-21T15:30:44.248Z
- Modified
- 2026-04-11T12:46:35.789464Z
- Summary
- smb: client: fix potential deadlock when releasing mids
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix potential deadlock when releasing mids
All releasemid() callers seem to hold a reference of @mid so there is no need to call krefput(&mid->refcount, __releasemid) under @server->midlock spinlock. If they don't, then an use-after-free bug would have occurred anyways.
By getting rid of such spinlock also fixes a potential deadlock as shown below
CPU 0 CPU 1
cifsdemultiplexthread() cifsdebugdataprocshow() releasemid() spinlock(&server->midlock); spinlock(&cifstcpseslock) spinlock(&server->mid_lock) __releasemid() smb2findsmbtcon() spinlock(&cifstcpseslock) deadlock
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52757.json" }- References
-
- https://git.kernel.org/stable/c/99f476e27aad5964ab13777d84fda67d1356dec1
- https://git.kernel.org/stable/c/9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29
- https://git.kernel.org/stable/c/b9bb9607b1fc12fca51f5632da25b36975f599bf
- https://git.kernel.org/stable/c/c1a5962f1462b64fe7b69f20a4b6af8067bc2d26
- https://git.kernel.org/stable/c/ce49569079a9d4cad26c0f1d4653382fd9a5ca7a
- https://git.kernel.org/stable/c/e6322fd177c6885a21dd4609dc5e5c973d1a2eb7
- https://lists.debian.org/debian-lts-announce/2025/05/msg00030.html
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52757.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52757
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7b71843fa7028475b052107664cbe120156a2cfcFixed99f476e27aad5964ab13777d84fda67d1356dec1Fixedce49569079a9d4cad26c0f1d4653382fd9a5ca7aFixed9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29Fixedb9bb9607b1fc12fca51f5632da25b36975f599bfFixedc1a5962f1462b64fe7b69f20a4b6af8067bc2d26Fixede6322fd177c6885a21dd4609dc5e5c973d1a2eb7
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected9871dea42034ee6e73bb2b97ba0284d3d462b230