CVE-2023-54280
cifs: fix potential race when tree connecting ipc
In the Linux kernel, the following vulnerability has been resolved:
cifs: fix potential race when tree connecting ipc
Protect access of TCP_Server_Info::hostname when building the ipc tree
name as it might get freed in cifsd thread and thus causing an
use-after-free bug in __tree_connect_dfs_target(). Also, while at it,
update status of IPC tcon on success and then avoid any extra tree
connects.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →