Home > Vulnerability Database > CVE-2024-26592

Mend.io Vulnerability Database

CVE-2024-26592

Good to know:

Date: February 22, 2024

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbd_tcp_new_connection() The race is between the handling of a new TCP connection and its disconnection. It leads to UAF on `struct tcp_transport` in ksmbd_tcp_new_connection() function.

Language: C

Severity Score

7.8

Related Resources (8)

Url: https://git.kernel.org/stable/c/38d20c62903d669693a1869aa68c4dd5674e2544

Url: http://www.openwall.com/lists/oss-security/2024/03/18/2

Url: https://git.kernel.org/stable/c/380965e48e9c32ee4263c023e1d830ea7e462ed1

Url: https://git.kernel.org/stable/c/24290ba94cd0136e417283b0dbf8fcdabcf62111

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-26592

Url: https://git.kernel.org/stable/c/69d54650b751532d1e1613a4fb433e591aeef126

Url: https://git.kernel.org/stable/c/999daf367b924fdf14e9d83e034ee0f86bc17ec6

Url: https://www.mend.io/vulnerability-database/CVE-2024-26592

Severity Score

7.8

Weakness Type (CWE)

Use After Free

CWE-416

Top Fix

Upgrade Version

Upgrade to version v5.15.149,v6.1.75,v6.6.14,v6.7.2

Learn More

CVSS v3.1

Base Score:	7.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2024-26592

Good to know:

Date: February 22, 2024

Language: C

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?