CVE-2024-53177

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc6

Description A use-after-free vulnerability has been identified in the Linux kernel, specifically in the open cached dir() function. This vulnerability occurs when open cached dir() encounters an error parsing the lease from the server, and the error handling may race with receiving a lease break, resulting in open cached dir() freeing the cfid while the queued work is pending. The vulnerability can be exploited to cause a slab-use-after-free error in smb2 cached lease break().

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for this vulnerability. Specifically, update to a version later than 6.12.0-rc6. As a temporary workaround, consider disabling the open cached dir() function until a patch is available. Restrict access to the smb2 cached lease break() function to minimize the risk of exploitation. Avoid using the cfid variable in the affected code paths until the issue is resolved.