Main Vulnerability Database SB20250117149

SB20250117149 - Resource management error in Linux kernel smb server

Published: January 17, 2025 Updated: May 11, 2025

Security Bulletin ID SB20250117149

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2024-57895)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the set_file_basic_info() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/1d7ee876b8b96efc14e177a7fe8d45ac25d68849
https://git.kernel.org/stable/c/21e46a79bbe6c4e1aa73b3ed998130f2ff07b128
https://git.kernel.org/stable/c/52cefcff6a4a814f4f8e357422fcfb71fd2ebf75
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.9