CVE-2024-35999

medium

Description

In the Linux kernel, the following vulnerability has been resolved: smb3: missing lock when picking channel Coverity spotted a place where we should have been holding the channel lock when accessing the ses channel index. Addresses-Coverity: 1582039 ("Data race condition (MISSING_LOCK)")

References

https://git.kernel.org/stable/c/98c7ed29cd754ae7475dc7cb3f33399fda902729

https://git.kernel.org/stable/c/8094a600245e9b28eb36a13036f202ad67c1f887

https://git.kernel.org/stable/c/60ab245292280905603bc0d3654f4cf8fceccb00

https://git.kernel.org/stable/c/0fcf7e219448e937681216353c9a58abae6d3c2e

Details

Source: Mitre, NVD

Published: 2024-05-20

Updated: 2024-10-29

Risk Information

CVSS v2

Base Score: 4.5

Vector: CVSS2#AV:L/AC:H/Au:S/C:N/I:C/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium