lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <2025051017-finisher-smith-3f26@gregkh>
Date: Sat, 10 May 2025 16:02:33 +0200
From: Greg Kroah-Hartman <gregkh@...nel.org>
To: Wang Zhaolong <wangzhaolong1@...wei.com>
Cc: cve@...nel.org, linux-kernel@...r.kernel.org,
	linux-cve-announce@...r.kernel.org
Subject: Re: CVE-2025-37835: smb: client: Fix netns refcount imbalance
 causing leaks and use-after-free

On Sat, May 10, 2025 at 05:33:40PM +0800, Wang Zhaolong wrote:
> 
> > 
> > Affected and fixed versions
> > ===========================
> > 
> > 	Issue introduced in 6.6.62 with commit e8c71494181153a134c96da28766a57bd1eac8cb and fixed in 6.6.87 with commit c6b6b8dcef4adf8ee4e439bb97e74106096c71b8
> > 	Issue introduced in 6.12 with commit ef7134c7fc48e1441b398e55a862232868a6f0a7 and fixed in 6.12.23 with commit 7d8dfc27d90d41627c0d6ada97ed0ab57b3dae25
> > 	Issue introduced in 6.12 with commit ef7134c7fc48e1441b398e55a862232868a6f0a7 and fixed in 6.13.11 with commit 961755d0055e0e96d1849cc0425da966c8a64e53
> > 	Issue introduced in 6.12 with commit ef7134c7fc48e1441b398e55a862232868a6f0a7 and fixed in 6.14.2 with commit 476617a4ca0123f0df677d547a82a110c27c8c74
> > 	Issue introduced in 6.12 with commit ef7134c7fc48e1441b398e55a862232868a6f0a7 and fixed in 6.15-rc1 with commit 4e7f1644f2ac6d01dc584f6301c3b1d5aac4eaef
> > 	Issue introduced in 6.11.9 with commit c7f9282fc27fc36dbaffc8527c723de264a132f8
> > 
> > Please see https://www.kernel.org for a full list of currently supported
> > kernel versions by the kernel community.
> > 
> > Unaffected versions might change over time as fixes are backported to
> > older supported kernel versions.  The official CVE entry at
> > 	https://cve.org/CVERecord/?id=CVE-2025-37835
> > will be updated if fixes are backported, please check that for the most
> > up to date information about this issue.
> 
> Hello,
> 
> This CVE has already been submitted previously, under the identifier
> CVE-2025-22077.
> 
> The relevant discussion can be found in the following link:
> 
> https://lore.kernel.org/all/b7822cca-5ef5-4e09-bca1-2857aada4741@huawei.com/
> 
> Is this a redundant submission?

Yes, sorry about that, this will now be rejected.  I need to go and
sweep the ids for any reverts like this one, thanks for reminding me.

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ