CVE-2024-46742
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
In the Linux kernel, the following vulnerability has been resolved:
smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open()
null-ptr-deref will occur when (req_op_level == SMB2_OPLOCK_LEVEL_LEASE)
and parse_lease_state() return NULL.
Fix this by check if 'lease_ctx_info' is NULL.
Additionally, remove the redundant parentheses in
parse_durable_handle_context().
Produtos afetados
Linux · LinuxQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://git.kernel.org/stable/c/07f384c5be1f8633b13f0a22616e227570450bc6https://git.kernel.org/stable/c/3b692794b81f2ecad69a4adbba687f3836824adahttps://git.kernel.org/stable/c/4e8771a3666c8f216eefd6bd2fd50121c6c437dbhttps://git.kernel.org/stable/c/878f32878351104448b86ef5b85d1f8ed6f599fbhttps://git.kernel.org/stable/c/ec28c35029b7930f31117f9284874b63bea4f31bhttps://lists.debian.org/debian-lts-announce/2025/05/msg00045.html