vulnerability
Ubuntu: (Multiple Advisories) (CVE-2023-52752): Linux kernel vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | 05/21/2024 | 07/31/2024 | 01/28/2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix use-after-free bug in cifs_debug_data_proc_show()
Skip SMB sessions that are being teared down
(e.g. @ses->ses_status == SES_EXITING) in cifs_debug_data_proc_show()
to avoid use-after-free in @ses.
This fixes the following GPF when reading from /proc/fs/cifs/DebugData
while mounting and umounting
[ 816.251274] general protection fault, probably for non-canonical
address 0x6b6b6b6b6b6b6d81: 0000 [#1] PREEMPT SMP NOPTI
...
[ 816.260138] Call Trace:
[ 816.260329]
[ 816.260499] ? die_addr+0x36/0x90
[ 816.260762] ? exc_general_protection+0x1b3/0x410
[ 816.261126] ? asm_exc_general_protection+0x26/0x30
[ 816.261502] ? cifs_debug_tcon+0xbd/0x240 [cifs]
[ 816.261878] ? cifs_debug_tcon+0xab/0x240 [cifs]
[ 816.262249] cifs_debug_data_proc_show+0x516/0xdb0 [cifs]
[ 816.262689] ? seq_read_iter+0x379/0x470
[ 816.262995] seq_read_iter+0x118/0x470
[ 816.263291] proc_reg_read_iter+0x53/0x90
[ 816.263596] ? srso_alias_return_thunk+0x5/0x7f
[ 816.263945] vfs_read+0x201/0x350
[ 816.264211] ksys_read+0x75/0x100
[ 816.264472] do_syscall_64+0x3f/0x90
[ 816.264750] entry_SYSCALL_64_after_hwframe+0x6e/0xd8
[ 816.265135] RIP: 0033:0x7fd5e669d381
Solution(s)
References
- CVE-2023-52752
- https://attackerkb.com/topics/CVE-2023-52752
- UBUNTU-USN-6923-1
- UBUNTU-USN-6923-2
- UBUNTU-USN-6926-1
- UBUNTU-USN-6926-2
- UBUNTU-USN-6926-3
- UBUNTU-USN-6927-1
- UBUNTU-USN-6938-1
- UBUNTU-USN-6951-1
- UBUNTU-USN-6951-2
- UBUNTU-USN-6951-3
- UBUNTU-USN-6951-4
- UBUNTU-USN-6953-1
- UBUNTU-USN-6956-1
- UBUNTU-USN-6957-1
- UBUNTU-USN-6979-1
- UBUNTU-USN-7019-1

Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.