🔐 CVE Alert

CVE-2024-50152

UNKNOWN 0.0

smb: client: fix possible double free in smb2_set_ea()

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

In the Linux kernel, the following vulnerability has been resolved:

smb: client: fix possible double free in smb2_set_ea()

Clang static checker (scan-build) warning:
fs/smb/client/smb2ops.c:1304:2: Attempt to free released memory.
 1304 |         kfree(ea);
      |         ^~~~~~~~~

There is a double free in such case:
'ea is initialized to NULL' -> 'first successful memory allocation for ea' -> 'something failed, goto sea_exit' -> 'first memory release for ea' -> 'goto replay_again' -> 'second goto sea_exit before allocate memory for ea' -> 'second memory release for ea resulted in double free'.

Re-initialize 'ea' to NULL near to the replay_again label, it can fix this double free problem.
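The control flow the description walks through, as an added example that is not the kernel's code: a user-space C model whose one-slot stub allocator counts a repeated release instead of performing it. Only ea, replay_again and sea_exit come from the description; every other name and the error values are assumptions.

```c
#include <stdio.h>

/* Constructed model: only ea, replay_again and sea_exit come from the CVE
 * text; every other name and value here is hypothetical. */
static char slot[64];     /* the one buffer this toy allocator hands out */
static int slot_live;     /* 1 while the buffer is allocated */
static int double_frees;  /* releases of an already released buffer */

static void *model_alloc(void) { slot_live = 1; return slot; }
/* Like kfree(), NULL is a no-op; a repeated release is counted, not done. */
static void model_free(void *p)
{
    if (!p)
        return;
    if (!slot_live) {
        double_frees++;
        return;
    }
    slot_live = 0;
}

/* Returns the number of double frees seen on one call with one replay. */
static int set_ea_model(int reset_ea_at_replay)
{
    void *ea = NULL;
    int attempt = 0, rc;

    double_frees = 0;
replay_again:
    if (reset_ea_at_replay)
        ea = NULL;          /* the fix: drop the pointer freed last pass */
    if (++attempt == 2) {
        rc = -1;            /* replay fails before ea is allocated */
        goto sea_exit;
    }
    ea = model_alloc();     /* first pass: allocation succeeds */
    rc = -2;                /* a later step fails with a replayable error */
sea_exit:
    model_free(ea);         /* pass 2 without the fix: ea is stale here */
    if (rc == -2)
        goto replay_again;
    return double_frees;
}

int main(void)
{
    printf("no reset: %d, reset: %d\n", set_ea_model(0), set_ea_model(1));
    return 0;
}
```

The reset works because releasing NULL is a no-op, so the early exit on the replayed pass has nothing stale to free.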

Vendor linux
Product linux
Ecosystems
Industries
Technology
Published Nov 7, 2024
Last Updated May 11, 2026

Affected Versions

Linux / Linux
433042a91f9373241307725b52de573933ffedbf < b1813c220b76f60b1727984794377c4aa849d4c1
4f1fffa2376922f3d1d506e49c0fd445b023a28e < c9f758ecf2562dfdd4adf12c22921b5de8366123
4f1fffa2376922f3d1d506e49c0fd445b023a28e < 19ebc1e6cab334a8193398d4152deb76019b5d34
Linux / Linux
6.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗
git.kernel.org: https://git.kernel.org/stable/c/b1813c220b76f60b1727984794377c4aa849d4c1
git.kernel.org: https://git.kernel.org/stable/c/c9f758ecf2562dfdd4adf12c22921b5de8366123
git.kernel.org: https://git.kernel.org/stable/c/19ebc1e6cab334a8193398d4152deb76019b5d34