#VU93872 Resource management error in Linux kernel


Published: 2024-07-08

Vulnerability identifier: #VU93872

Vulnerability risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26822

CWE-ID: CWE-399

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to improper management of internal resources within the automount_fullpath() and cifs_do_automount() functions in fs/smb/client/namespace.c. A local user can force the SMB client to reuse its parent mount uid, gid and cruid and gain unauthorized access to information.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Linux kernel:


External links
http://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626
http://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb
http://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability