PT-2025-11001 · Linux+5 · Linux Kernel+5

H3Xr4Bb1T

Published

2024-12-05

Updated

2025-10-03

CVE-2024-58087

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A racy issue has been identified in the Linux kernel, specifically within the ksmbd component. This issue arises from the session lookup and expire processes. To address this, the session reference count is incremented within the lock for lookup, thereby avoiding the racy issue with session expire.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

ALT-PU-2025-12647

BDU:2025-06397

CVE-2024-58087

OESA-2025-1320

OESA-2025-1321

USN-7379-1

USN-7379-2

USN-7380-1

USN-7381-1

USN-7382-1

USN-7387-1

USN-7387-2

USN-7387-3

USN-7388-1

USN-7389-1

USN-7390-1

USN-7407-1

USN-7421-1

USN-7458-1

USN-7459-1

USN-7459-2

USN-7513-1

USN-7513-2

USN-7513-3

USN-7513-4

USN-7513-5

USN-7514-1

USN-7515-1

USN-7515-2

USN-7522-1

USN-7523-1

USN-7524-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Os

Ubuntu

PT-2025-11001 · Linux+5 · Linux Kernel+5

CVE-2024-58087

Weakness Enumeration

Related Identifiers

Affected Products

References · 945