Fluid Attacks Database

Description

A flaw was found in the Linux kernel's Common Internet File System (CIFS) client. A race condition can occur when the system handles file closes and network lease breaks simultaneously with an unmount operation. This timing issue can lead to a kernel crash, resulting in a Denial of Service (DoS) for the affected system. While a remote server can influence this, local system conditions are also required to trigger the vulnerability.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	linux	>=0 <6.4.13-1	6.4.13-1
debian 14	linux	>=0 <6.4.13-1	6.4.13-1
rpm rhel8	kernel	-	-
rpm rhel9	kernel	-	-
rpm rhel8	kernel-rt	-	-
rpm rhel9	kernel-rt	-	-

Aliases

1. CVE-2023-542582. NVD-2023-542583. OSV-DEBIAN-2023-542584. OSV-2023-542585. SECURITY-TRACKER-CVE-2023-54258

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.