CVE-2024-46742

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-46742
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46742.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-46742
Downstream
Published
2024-09-18T07:12:03.251Z
Modified
2026-05-07T04:18:43.306229Z
Summary
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
Details

In the Linux kernel, the following vulnerability has been resolved:

smb/server: fix potential null-ptr-deref of leasectxinfo in smb2_open()

null-ptr-deref will occur when (reqoplevel == SMB2OPLOCKLEVELLEASE) and parselease_state() return NULL.

Fix this by check if 'leasectxinfo' is NULL.

Additionally, remove the redundant parentheses in parsedurablehandle_context().

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/46xxx/CVE-2024-46742.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0626e6641f6b467447c81dd7678a69c66f7746cf
Fixed
878f32878351104448b86ef5b85d1f8ed6f599fb
Fixed
ec28c35029b7930f31117f9284874b63bea4f31b
Fixed
07f384c5be1f8633b13f0a22616e227570450bc6
Fixed
3b692794b81f2ecad69a4adbba687f3836824ada
Fixed
4e8771a3666c8f216eefd6bd2fd50121c6c437db

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46742.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.181
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.135
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.51
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.10

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-46742.json"