Description
In the Linux kernel, the following vulnerability has been resolved:

cifs: fix potential oops in cifs_oplock_break

With deferred close we can have closes that race with lease breaks, and so with the current checks for whether to send the lease response, oplock_response(), this can mean that an unmount (kill_sb) can occur just before we were checking if the tcon->ses is valid. See below:

[Fri Aug 4 04:12:50 2023] RIP: 0010:cifs_oplock_break+0x1f7/0x5b0 [cifs]
[Fri Aug 4 04:12:50 2023] Code: 7d a8 48 8b 7d c0 c0 e9 02 48 89 45 b8 41 89 cf e8 3e f5 ff ff 4c 89 f7 41 83 e7 01 e8 82 b3 03 f2 49 8b 45 50 48 85 c0 74 5e <48> 83 78 60 00 74 57 45 84 ff 75 52 48 8b 43 98 48 83 eb 68 48 39
[Fri Aug 4 04:12:50 2023] RSP: 0018:ffffb30607ddbdf8 EFLAGS: 00010206
[Fri Aug 4 04:12:50 2023] RAX: 632d223d32612022 RBX: ffff97136944b1e0 RCX: 0000000080100009
[Fri Aug 4 04:12:50 2023] RDX: 0000000000000001 RSI: 0000000080100009 RDI: ffff97136944b188
[Fri Aug 4 04:12:50 2023] RBP: ffffb30607ddbe58 R08: 0000000000000001 R09: ffffffffc08e0900
[Fri Aug 4 04:12:50 2023] R10: 0000000000000001 R11: 000000000000000f R12: ffff97136944b138
[Fri Aug 4 04:12:50 2023] R13: ffff97149147c000 R14: ffff97136944b188 R15: 0000000000000000
[Fri Aug 4 04:12:50 2023] FS: 0000000000000000(0000) GS:ffff9714f7c00000(0000) knlGS:0000000000000000
[Fri Aug 4 04:12:50 2023] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[Fri Aug 4 04:12:50 2023] CR2: 00007fd8de9c7590 CR3: 000000011228e000 CR4: 0000000000350ef0
[Fri Aug 4 04:12:50 2023] Call Trace:
[Fri Aug 4 04:12:50 2023] <TASK>
[Fri Aug 4 04:12:50 2023] process_one_work+0x225/0x3d0
[Fri Aug 4 04:12:50 2023] worker_thread+0x4d/0x3e0
[Fri Aug 4 04:12:50 2023] ? process_one_work+0x3d0/0x3d0
[Fri Aug 4 04:12:50 2023] kthread+0x12a/0x150
[Fri Aug 4 04:12:50 2023] ? set_kthread_struct+0x50/0x50
[Fri Aug 4 04:12:50 2023] ret_from_fork+0x22/0x30
[Fri Aug 4 04:12:50 2023] </TASK>

To fix this, change the ordering of the checks before sending the oplock_response to first check if the openFileList is empty.
Product status
63fb45ddc491895c4b36664e0c2c3b548545ae93 (git) before b99f490ea87ebcca3a429fd8837067feb56a4c7c
1bf709b9625001eefdd41048c5f4c7544ee33394 (git) before 5ee28bcfbaacf289eb25c662a2862542ea6ce6a7
3b4c15171c3ce9120c81f5564b9367d8d0f4219c (git) before 6b67a6d2e50634fe127e656147c81915955e9f5e
da787d5b74983f7525d1eb4b9c0b4aff2821511a (git) before e8f5f849ffce24490eb9449e98312b66c0dba76f
cff7fb969edaeff2bc80c8a8f7cf7b0c8df32da7 (git)
5.15.121 (semver) before 5.15.128
6.1.39 (semver) before 6.1.47
6.4.4 (semver) before 6.4.12
References
git.kernel.org/...c/b99f490ea87ebcca3a429fd8837067feb56a4c7c
git.kernel.org/...c/5ee28bcfbaacf289eb25c662a2862542ea6ce6a7
git.kernel.org/...c/6b67a6d2e50634fe127e656147c81915955e9f5e
git.kernel.org/...c/e8f5f849ffce24490eb9449e98312b66c0dba76f
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.