CVE-2024-26928

HIGH

Linux Kernel - Use After Free

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip sessions that are being teared down (status == SES_EXITING) to avoid UAF.

References (7)

Scores

CVSS v3 7.8
EPSS 0.0002
EPSS Percentile 3.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-416
Status published

Affected Products (9)

debian/debian_linux
linux/linux_kernel < 5.10.237
linux/linux_kernel
linux/linux_kernel
linux/Kernel < 5.10.237linux
linux/Kernel < 5.15.180linux
linux/Kernel < 6.1.85linux
linux/Kernel < 6.6.26linux
linux/Kernel < 6.8.5linux

Timeline

Published Apr 28, 2024
Tracked Since Feb 18, 2026