Description

In the Linux kernel, the following vulnerability has been resolved: smb: client: Handle kstrdup failures for passwords In smb3_reconfigure(), after duplicating ctx->password and ctx->password2 with kstrdup(), we need to check for allocation failures. If ses->password allocation fails, return -ENOMEM. If ses->password2 allocation fails, free ses->password, set it to NULL, and return -ENOMEM.

INFO

Published Date :

2024-11-05T17:10:49.887Z

Last Modified :

2025-05-04T12:59:34.110Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-50120 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-50120.

URL Resource
https://git.kernel.org/stable/c/35488799b0ab6e4327f82e1d9209a60805665b37 cve-icon cve-icon
https://git.kernel.org/stable/c/35dbac8c328d6afe937cd45ecd41d209d0b9f8b8 cve-icon cve-icon
https://git.kernel.org/stable/c/9a5dd61151399ad5a5d69aad28ab164734c1e3bc cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024110556-CVE-2024-50120-07e2@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-50120 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-50120 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact