CVE - CVE-2024-50285

CVE-ID
CVE-2024-50285	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the "ksmbd_work_cache”. It will cause OOM issue. ksmbd has a credit mechanism but it can't handle this problem. This patch add the check if it exceeds max credits to prevent this problem by assuming that one smb request consumes at least one credit.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0a77d947f599b1f39065015bec99390d0c0022ee URL:https://git.kernel.org/stable/c/0a77d947f599b1f39065015bec99390d0c0022ee MISC:https://git.kernel.org/stable/c/1f993777275cbd8f74765c4f9d9285cb907c9be5 URL:https://git.kernel.org/stable/c/1f993777275cbd8f74765c4f9d9285cb907c9be5 MISC:https://git.kernel.org/stable/c/e257ac6fe138623cf59fca8898abdf659dbc8356 URL:https://git.kernel.org/stable/c/e257ac6fe138623cf59fca8898abdf659dbc8356
Assigning CNA
kernel.org
Date Record Created
20241021	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20241021)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)