Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | 11.0 |
| Linux | Linux Kernel | >= 5.13, < 5.15.181 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682Patch
- https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113Patch
- https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045Patch
- https://git.kernel.org/stable/c/d798fd98e3563027c5162259ead517057d6fa794Patch
- https://git.kernel.org/stable/c/f4a60d360d9114b5085701a3702a0102b0d6d846Patch
- https://git.kernel.org/stable/c/10e17ca4000ec34737bde002a13435c38ace2682Patch
- https://git.kernel.org/stable/c/3103163ccd3be4adcfa37e15608fb497be044113Patch
- https://git.kernel.org/stable/c/58acd1f497162e7d282077f816faa519487be045Patch
- https://lists.debian.org/debian-lts-announce/2025/05/msg00045.htmlMailing ListThird Party Advisory
FAQ
What is CVE-2024-35866?
CVE-2024-35866 is a vulnerability with a CVSS score of 7.8 (HIGH). In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() Skip sessions that are being teared down (status == SES_EXITING) to avoid U...
How severe is CVE-2024-35866?
CVE-2024-35866 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-35866?
Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux, Linux Linux Kernel.