Commit 0f62358c authored Oct 08, 2024 by Namjae Jeon Committed by Greg Kroah-Hartman Nov 08, 2024

ksmbd: fix user-after-free from session log off



[ Upstream commit 7aa8804c ]

There is racy issue between smb2 session log off and smb2 session setup.
It will cause user-after-free from session log off.
This add session_lock when setting SMB2_SESSION_EXPIRED and referece
count to session struct not to free session while it is being used.

Cc: stable@vger.kernel.org # v5.15+
Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-25282
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 7bed9773

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit f00e8bc3
· Nov 05, 2025

mentioned in commit f00e8bc3

mentioned in commit f00e8bc3372e3c159248636cf1180a1ad712f442

Toggle commit list

Please to comment