CVE-2024-53095

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 21, 2024
Updated: Dec 11, 2024
CWE ID 416

Summary

CVE-2024-53095 is a use-after-free vulnerability in the Linux kernel's smb (Server Message Block) module, caused by how it handles network namespaces. The condition can occur when CIFS (Common Internet File System) is mounted in a non-root network namespace, packets are dropped, and the namespace is then destroyed while CIFS is being unmounted. The result can be a kernel oops or panic, potentially causing the affected pod to die. The proposed fix is to hold the netns refcnt for each socket, as is done for SMC (Shared Memory Communications). With that change the netns is not freed before the socket, which prevents the use-after-free.
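The summary ties the bug to CIFS mounts made in a non-root network namespace, so a first triage step on a host is to find where that combination exists. The script below is an added example, not part of the advisory or of the kernel fix. The function name and the optional proc-root argument (used for offline testing) are assumptions, and a process's current namespace is only a heuristic for the namespace the mount was created in. It does not tell you whether the running kernel is patched.

```shell
#!/bin/sh
# Added example: list processes that see a CIFS mount while running in a
# network namespace different from PID 1's. Run as root so that
# /proc/<pid>/ns/net is readable for every process.

cifs_nonroot_netns() {
    local proc_root root_ns pid_dir pid ns
    proc_root="${1:-/proc}"    # assumption: overridable for offline tests

    # The namespace of PID 1 is treated as the root network namespace.
    root_ns=$(readlink "$proc_root/1/ns/net" 2>/dev/null) || return 2

    for pid_dir in "$proc_root"/[0-9]*; do
        pid=${pid_dir##*/}
        ns=$(readlink "$pid_dir/ns/net" 2>/dev/null) || continue
        [ "$ns" = "$root_ns" ] && continue

        # mountinfo layout: "... <mount point> <opts> [optional] - <fstype> <source> ..."
        # Field 5 is the mount point; the fs type follows the " - " separator.
        awk -v pid="$pid" -v ns="$ns" '
            {
                sep = index($0, " - ")
                if (!sep) next
                split(substr($0, sep + 3), tail, " ")
                if (tail[1] == "cifs" || tail[1] == "smb3")
                    print pid, ns, $5, tail[2]
            }
        ' "$pid_dir/mountinfo" 2>/dev/null || true
    done
    return 0
}

# Output columns: PID, network namespace, mount point, share.
# Invoke on a live host with:  cifs_nonroot_netns | sort -u -k2,4
```

Each output line identifies a workload to prioritise for the kernel update; an empty result means no process outside the root network namespace currently sees a CIFS mount.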
