CVE-2024-50120

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-50120

Import Source

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-50120

Downstream

Related

Published

2024-11-05T17:10:49.887Z

Modified

2026-03-20T12:38:13.474566Z

Summary

smb: client: Handle kstrdup failures for passwords

Details

In the Linux kernel, the following vulnerability has been resolved:

smb: client: Handle kstrdup failures for passwords

In smb3_reconfigure(), after duplicating ctx->password and ctx->password2 with kstrdup(), we need to check for allocation failures.

If ses->password allocation fails, return -ENOMEM. If ses->password2 allocation fails, free ses->password, set it to NULL, and return -ENOMEM.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50120.json"
}

References

Affected packages

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

7e8cffa4f85e6839335d75e6b47f918d90c1d194

Fixed

35dbac8c328d6afe937cd45ecd41d209d0b9f8b8

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c1eb537bf4560b3ad4df606c266c665624f3b502

Fixed

35488799b0ab6e4327f82e1d9209a60805665b37

Fixed

9a5dd61151399ad5a5d69aad28ab164734c1e3bc

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

e78308a6dcab1e53b38b8dd952e69c515cd324d7

Last affected

2a0fc63f1f4fccfeb367d0c57b8a243cec60c26c

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-50120.json"