CVE-2024-58087

HIGH EPSS 35.8%
Published Mar 12, 20251y ago · Modified Jun 17, 20262w ago
8.1 CVSS 3.1
High
Find Similar
Published Mar 12, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue from session lookup and expire Increment the session reference count within the lock for lookup to avoid racy issue with session expire.

CVSS Details

Base Score
8.1
Exploitability
2.2
Impact
5.9
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High

Threat Intelligence

EPSS Exploit Probability
35.8% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥5.15.145  –  <5.15.176
linuxlinux_kernel*≥6.1.29  –  <6.1.121
linuxlinux_kernel*≥6.2.16  –  <6.3
linuxlinux_kernel*≥6.3.2  –  <6.4
linuxlinux_kernel*≥6.7  –  <6.12.6
linuxlinux_kernel6.13any
linuxlinux_kernel6.13any

References 6

  • git.kernel.org https://git.kernel.org/stable/c/2107ab40629aeabbec369cf34b8cf0f288c3eb1b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/37a0e2b362b3150317fb6e2139de67b1e29ae5ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/450a844c045ff0895d41b05a1cbe8febd1acfcfd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a39e31e22a535d47b14656a7d6a893c7f6cf758c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b95629435b84b9ecc0c765995204a4d8a913ed52
    Patch
  • zerodayinitiative.com https://www.zerodayinitiative.com/advisories/ZDI-25-100/
    PatchThird Party Advisory

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2107ab40629aeabbec369cf34b8cf0f288c3eb1b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/37a0e2b362b3150317fb6e2139de67b1e29ae5ff
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/450a844c045ff0895d41b05a1cbe8febd1acfcfd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a39e31e22a535d47b14656a7d6a893c7f6cf758c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b95629435b84b9ecc0c765995204a4d8a913ed52
    Patch
  • zerodayinitiative.com https://www.zerodayinitiative.com/advisories/ZDI-25-100/
    PatchThird Party Advisory