Use After Free Vulnerability in Linux Kernel's SMB2 Tree Disconnect Feature
CVE-2023-53358
Currently unrated
What is CVE-2023-53358?
The Linux kernel has fixed a use-after-free vulnerability in the ksmbd component, triggered when SMB2 tree disconnect operations are handled concurrently. The issue could be exploited to cause unexpected behavior or crashes by manipulating concurrent access to resources. The patch introduces the TREE_CONN_EXPIRE flag to manage that concurrent access.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2