PT-2024-3840 · Linux+7 · Linux Kernel+7

Paulo Alcantara

·

Published

2024-04-03

·

Updated

2026-05-26

·

CVE-2024-35867

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a potential use-after-free (UAF) vulnerability in the cifs stats proc show() function of the Linux kernel's SMB client implementation. This vulnerability may allow an attacker to cause a denial of service. The vulnerability is resolved by skipping sessions that are being torn down to avoid UAF.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Use After Free

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
AZL-54726
BDU:2024-04220
CVE-2024-35867
DLA-4178-1
INFSA-2024_9315
OPENSUSE-SU-2024_2189-1
OPENSUSE-SU-2024_3777-1
OPENSUSE-SU-2024_3793-1
OPENSUSE-SU-2024_3799-1
OPENSUSE-SU-2024_3805-1
OPENSUSE-SU-2024_3806-1
OPENSUSE-SU-2024_3815-1
OPENSUSE-SU-2024_3824-1
OPENSUSE-SU-2024_3829-1
OPENSUSE-SU-2024_3830-1
OPENSUSE-SU-2024_3831-1
OPENSUSE-SU-2024_3837-1
OPENSUSE-SU-2024_3838-1
OPENSUSE-SU-2024_3842-1
OPENSUSE-SU-2024_3851-1
OPENSUSE-SU-2024_3852-1
OPENSUSE-SU-2024_3855-1
OPENSUSE-SU-2024_3857-1
OPENSUSE-SU-2024_3859-1
OPENSUSE-SU-2024_3860-1
OPENSUSE-SU-2024_3880-1
OPENSUSE-SU-2024_4122-1
OPENSUSE-SU-2024_4123-1
OPENSUSE-SU-2024_4124-1
OPENSUSE-SU-2024_4125-1
OPENSUSE-SU-2024_4207-1
OPENSUSE-SU-2024_4214-1
OPENSUSE-SU-2024_4216-1
OPENSUSE-SU-2024_4218-1
OPENSUSE-SU-2024_4234-1
OPENSUSE-SU-2024_4235-1
OPENSUSE-SU-2024_4236-1
OPENSUSE-SU-2024_4243-1
OPENSUSE-SU-2024_4266-1
OPENSUSE-SU-2025_0107-1
OPENSUSE-SU-2025_0109-1
OPENSUSE-SU-2025_0114-1
OPENSUSE-SU-2025_0115-1
OPENSUSE-SU-2025_0124-1
OPENSUSE-SU-2025_0146-1
OPENSUSE-SU-2025_0150-1
OPENSUSE-SU-2025_0158-1
OPENSUSE-SU-2025_0164-1
OPENSUSE-SU-2025_0248-1
OPENSUSE-SU-2025_0251-1
OPENSUSE-SU-2025_0252-1
OPENSUSE-SU-2025_0253-1
OPENSUSE-SU-2025_0254-1
OPENSUSE-SU-2025_0261-1
OPENSUSE-SU-2025_0264-1
OPENSUSE-SU-2025_0266-1
RHSA-2024:9315
RHSA-2024_9315
SUSE-SU-2024:2008-1
SUSE-SU-2024:2011-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2189-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2360-1
SUSE-SU-2024:2381-1
SUSE-SU-2024:2561-1
SUSE-SU-2024:2973-1
SUSE-SU-2024:3777-1
SUSE-SU-2024:3793-1
SUSE-SU-2024:3799-1
SUSE-SU-2024:3805-1
SUSE-SU-2024:3806-1
SUSE-SU-2024:3815-1
SUSE-SU-2024:3816-1
SUSE-SU-2024:3820-1
SUSE-SU-2024:3821-1
SUSE-SU-2024:3822-1
SUSE-SU-2024:3824-1
SUSE-SU-2024:3829-1
SUSE-SU-2024:3830-1
SUSE-SU-2024:3831-1
SUSE-SU-2024:3834-1
SUSE-SU-2024:3837-1
SUSE-SU-2024:3838-1
SUSE-SU-2024:3842-1
SUSE-SU-2024:3851-1
SUSE-SU-2024:3852-1
SUSE-SU-2024:3855-1
SUSE-SU-2024:3857-1
SUSE-SU-2024:3859-1
SUSE-SU-2024:3860-1
SUSE-SU-2024:3880-1
SUSE-SU-2024:4122-1
SUSE-SU-2024:4123-1
SUSE-SU-2024:4124-1
SUSE-SU-2024:4125-1
SUSE-SU-2024:4197-1
SUSE-SU-2024:4207-1
SUSE-SU-2024:4214-1
SUSE-SU-2024:4216-1
SUSE-SU-2024:4218-1
SUSE-SU-2024:4226-1
SUSE-SU-2024:4234-1
SUSE-SU-2024:4235-1
SUSE-SU-2024:4236-1
SUSE-SU-2024:4243-1
SUSE-SU-2024:4249-1
SUSE-SU-2024:4266-1
SUSE-SU-2025:0091-1
SUSE-SU-2025:0097-1
SUSE-SU-2025:0103-1
SUSE-SU-2025:0107-1
SUSE-SU-2025:0109-1
SUSE-SU-2025:0114-1
SUSE-SU-2025:0115-1
SUSE-SU-2025:0124-1
SUSE-SU-2025:0146-1
SUSE-SU-2025:0150-1
SUSE-SU-2025:0158-1
SUSE-SU-2025:0164-1
SUSE-SU-2025:0248-1
SUSE-SU-2025:0251-1
SUSE-SU-2025:0252-1
SUSE-SU-2025:0253-1
SUSE-SU-2025:0254-1
SUSE-SU-2025:0261-1
SUSE-SU-2025:0264-1
SUSE-SU-2025:0266-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6893-1
USN-6893-2
USN-6893-3
USN-6918-1
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1
USN-7711-1
USN-7712-1
USN-7712-2
USN-7874-1
USN-7874-2
USN-7874-3
USN-7939-1
USN-7939-2

Affected Products

Astra Linux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu