Security Advisory

CVE-2023-1192

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-01 19:01:47

Last updated 2025-02-27 20:36:33

Assigner redhat

State PUBLISHED

Description

A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service.

← Browse all CVEs View on cve.org ↗