[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-53177":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":82,"related":83,"reserved_at":9,"published_at":105,"modified_at":106,"state":107,"summary":108,"references_raw":117,"kevs":136,"epss":137,"epss_history":140,"metrics":405,"affected":413},"CVE-2024-53177","In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: prevent use-after-free due to open_cached_dir error paths\n\nIf open_cached_dir() encounters an error parsing the lease from the\nserver, the error handling may race with receiving a lease break,\nresulting in open_cached_dir() freeing the cfid while the queued work is\npending.\n\nUpdate open_cached_dir() to drop refs rather than directly freeing the\ncfid.\n\nHave cached_dir_lease_break(), cfids_laundromat_worker(), and\ninvalidate_all_cached_dirs() clear has_lease immediately while still\nholding cfids->cfid_list_lock, and then use this to also simplify the\nreference counting in cfids_laundromat_worker() and\ninvalidate_all_cached_dirs().\n\nFixes this KASAN splat (which manually injects an error and lease break\nin open_cached_dir()):\n\n==================================================================\nBUG: KASAN: slab-use-after-free in smb2_cached_lease_break+0x27/0xb0\nRead of size 8 at addr ffff88811cc24c10 by task kworker/3:1/65\n\nCPU: 3 UID: 0 PID: 65 Comm: kworker/3:1 Not tainted 6.12.0-rc6-g255cf264e6e5-dirty #87\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nWorkqueue: cifsiod smb2_cached_lease_break\nCall Trace:\n \u003CTASK>\n dump_stack_lvl+0x77/0xb0\n print_report+0xce/0x660\n kasan_report+0xd3/0x110\n smb2_cached_lease_break+0x27/0xb0\n process_one_work+0x50a/0xc50\n worker_thread+0x2ba/0x530\n kthread+0x17c/0x1c0\n ret_from_fork+0x34/0x60\n ret_from_fork_asm+0x1a/0x30\n \u003C/TASK>\n\nAllocated by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n open_cached_dir+0xa7d/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nFreed by task 2464:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x51/0x70\n kfree+0x174/0x520\n open_cached_dir+0x97f/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nLast potentially related work creation:\n kasan_save_stack+0x33/0x60\n __kasan_record_aux_stack+0xad/0xc0\n insert_work+0x32/0x100\n __queue_work+0x5c9/0x870\n queue_work_on+0x82/0x90\n open_cached_dir+0x1369/0x1fb0\n smb2_query_path_info+0x43c/0x6e0\n cifs_get_fattr+0x346/0xf10\n cifs_get_inode_info+0x157/0x210\n cifs_revalidate_dentry_attr+0x2d1/0x460\n cifs_getattr+0x173/0x470\n vfs_statx_path+0x10f/0x160\n vfs_statx+0xe9/0x150\n vfs_fstatat+0x5e/0xc0\n __do_sys_newfstatat+0x91/0xf0\n do_syscall_64+0x95/0x1a0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe buggy address belongs to the object at ffff88811cc24c00\n which belongs to the cache kmalloc-1k of size 1024\nThe buggy address is located 16 bytes inside of\n freed 1024-byte region [ffff88811cc24c00, ffff88811cc25000)",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[],[],[],[24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80],{"_key":25},"SUSE-SU-2025:01919-1",{"_key":27},"SUSE-SU-2025:03283-1",{"_key":29},"SUSE-SU-2025:03314-1",{"_key":31},"SUSE-SU-2025:0555-1",{"_key":33},"SUSE-SU-2025:0556-1",{"_key":35},"SUSE-SU-2025:0576-1",{"_key":37},"SUSE-SU-2025:0577-1",{"_key":39},"SUSE-SU-2025:0577-2",{"_key":41},"SUSE-SU-2025:0847-1",{"_key":43},"SUSE-SU-2025:0856-1",{"_key":45},"SUSE-SU-2025:0955-1",{"_key":47},"SUSE-SU-2025:03344-1",{"_key":49},"SUSE-SU-2025:03383-1",{"_key":51},"SUSE-SU-2025:20190-1",{"_key":53},"SUSE-SU-2025:20192-1",{"_key":55},"SUSE-SU-2025:20260-1",{"_key":57},"SUSE-SU-2025:20270-1",{"_key":59},"DEBIAN-CVE-2024-53177",{"_key":61},"UBUNTU-CVE-2024-53177",{"_key":63},"USN-7310-1",{"_key":65},"USN-7449-1",{"_key":67},"USN-7449-2",{"_key":69},"USN-7450-1",{"_key":71},"USN-7451-1",{"_key":73},"USN-7452-1",{"_key":75},"USN-7453-1",{"_key":77},"USN-7468-1",{"_key":79},"USN-7523-1",{"_key":81},"USN-7524-1",[],[84,85,86,87,88,89,90,91,92,94,96,97,98,99,100,101,102,103,104],{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":93},"USN-7276-1",{"_key":95},"USN-7277-1",{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},"2024-12-27T13:49:21.362Z","2026-05-23T15:55:19.574Z","Analyzed",{"cisa_kev":109,"cisa_ransomware":109,"cisa_vendor":9,"epss_severity":110,"epss_score":111,"severity":112,"severity_score":113,"severity_version":114,"severity_source":115,"severity_vector":116,"severity_status":107},false,"low",0.00014,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[118,124,128,132],{"url":119,"sources":120,"tags":122},"https://git.kernel.org/stable/c/791f833053578b9fd24252ebb7162a61bc3f805b",[115,121],"nvd",[123],"Patch",{"url":125,"sources":126,"tags":127},"https://git.kernel.org/stable/c/97e2afcac0bebfef6a5360f4267ce4c44507b845",[115,121],[123],{"url":129,"sources":130,"tags":131},"https://git.kernel.org/stable/c/47655a12c6b1bca8fa230085eab2e85a076932b7",[115,121],[123],{"url":133,"sources":134,"tags":135},"https://git.kernel.org/stable/c/a9685b409a03b73d2980bbfa53eb47555802d0a9",[115,121],[123],[],{"date":138,"score":111,"percentile":139},"2026-06-03",0.02659,[141,145,148,151,154,157,159,162,165,168,171,174,177,180,182,186,189,192,195,198,201,204,207,210,213,216,219,222,225,228,231,233,236,239,242,245,248,251,254,257,260,263,266,269,272,275,278,281,284,287,290,293,296,299,303,306,309,312,315,318,321,324,327,330,333,336,339,342,345,348,350,353,356,359,362,365,367,370,373,376,378,381,384,386,389,392,395,398,401,403],{"date":142,"score":143,"percentile":144},"2025-11-04",0.0003,0.07455,{"date":146,"score":143,"percentile":147},"2025-11-05",0.07511,{"date":149,"score":143,"percentile":150},"2025-11-06",0.07626,{"date":152,"score":143,"percentile":153},"2025-11-07",0.07654,{"date":155,"score":143,"percentile":156},"2025-11-08",0.07661,{"date":158,"score":143,"percentile":150},"2025-11-09",{"date":160,"score":143,"percentile":161},"2025-11-10",0.07583,{"date":163,"score":143,"percentile":164},"2025-11-11",0.07573,{"date":166,"score":143,"percentile":167},"2025-11-12",0.07554,{"date":169,"score":143,"percentile":170},"2025-11-13",0.07588,{"date":172,"score":143,"percentile":173},"2025-11-14",0.07635,{"date":175,"score":143,"percentile":176},"2025-11-15",0.07689,{"date":178,"score":143,"percentile":179},"2025-11-16",0.07699,{"date":181,"score":143,"percentile":176},"2025-11-17",{"date":183,"score":184,"percentile":185},"2025-11-18",0.00056,0.12964,{"date":187,"score":184,"percentile":188},"2025-11-19",0.12983,{"date":190,"score":184,"percentile":191},"2025-11-20",0.12996,{"date":193,"score":143,"percentile":194},"2025-11-21",0.07853,{"date":196,"score":143,"percentile":197},"2025-11-22",0.07847,{"date":199,"score":143,"percentile":200},"2025-11-23",0.07843,{"date":202,"score":143,"percentile":203},"2025-11-24",0.07832,{"date":205,"score":143,"percentile":206},"2025-11-25",0.07831,{"date":208,"score":143,"percentile":209},"2025-11-26",0.07838,{"date":211,"score":143,"percentile":212},"2025-11-27",0.0784,{"date":214,"score":143,"percentile":215},"2025-11-28",0.07827,{"date":217,"score":143,"percentile":218},"2025-11-29",0.07855,{"date":220,"score":143,"percentile":221},"2025-11-30",0.07852,{"date":223,"score":143,"percentile":224},"2025-12-01",0.07885,{"date":226,"score":143,"percentile":227},"2025-12-02",0.07902,{"date":229,"score":143,"percentile":230},"2025-12-03",0.07921,{"date":232,"score":143,"percentile":227},"2025-12-04",{"date":234,"score":143,"percentile":235},"2025-12-05",0.07919,{"date":237,"score":143,"percentile":238},"2025-12-06",0.07932,{"date":240,"score":143,"percentile":241},"2025-12-07",0.07931,{"date":243,"score":143,"percentile":244},"2025-12-08",0.07927,{"date":246,"score":143,"percentile":247},"2025-12-09",0.0798,{"date":249,"score":143,"percentile":250},"2025-12-10",0.08049,{"date":252,"score":143,"percentile":253},"2025-12-11",0.08102,{"date":255,"score":143,"percentile":256},"2025-12-12",0.08104,{"date":258,"score":143,"percentile":259},"2025-12-13",0.08069,{"date":261,"score":143,"percentile":262},"2025-12-14",0.08058,{"date":264,"score":143,"percentile":265},"2025-12-15",0.07988,{"date":267,"score":143,"percentile":268},"2025-12-16",0.08012,{"date":270,"score":143,"percentile":271},"2025-12-17",0.0809,{"date":273,"score":143,"percentile":274},"2025-12-18",0.08149,{"date":276,"score":143,"percentile":277},"2025-12-19",0.08128,{"date":279,"score":143,"percentile":280},"2025-12-20",0.08119,{"date":282,"score":143,"percentile":283},"2025-12-21",0.08051,{"date":285,"score":143,"percentile":286},"2025-12-22",0.08003,{"date":288,"score":143,"percentile":289},"2025-12-23",0.0802,{"date":291,"score":143,"percentile":292},"2025-12-24",0.08037,{"date":294,"score":143,"percentile":295},"2025-12-25",0.08116,{"date":297,"score":143,"percentile":298},"2025-12-26",0.08124,{"date":300,"score":301,"percentile":302},"2025-12-27",0.00038,0.1127,{"date":304,"score":143,"percentile":305},"2025-12-28",0.08125,{"date":307,"score":143,"percentile":308},"2025-12-29",0.08108,{"date":310,"score":143,"percentile":311},"2025-12-30",0.08083,{"date":313,"score":143,"percentile":314},"2025-12-31",0.08114,{"date":316,"score":143,"percentile":317},"2026-01-01",0.08178,{"date":319,"score":143,"percentile":320},"2026-01-02",0.08179,{"date":322,"score":143,"percentile":323},"2026-01-03",0.08177,{"date":325,"score":143,"percentile":326},"2026-01-04",0.0811,{"date":328,"score":143,"percentile":329},"2026-01-05",0.08061,{"date":331,"score":143,"percentile":332},"2026-01-06",0.0805,{"date":334,"score":143,"percentile":335},"2026-01-07",0.08085,{"date":337,"score":143,"percentile":338},"2026-01-08",0.08163,{"date":340,"score":143,"percentile":341},"2026-01-09",0.08174,{"date":343,"score":143,"percentile":344},"2026-01-10",0.08201,{"date":346,"score":143,"percentile":347},"2026-01-11",0.08186,{"date":349,"score":143,"percentile":338},"2026-01-12",{"date":351,"score":143,"percentile":352},"2026-01-13",0.08135,{"date":354,"score":143,"percentile":355},"2026-01-14",0.08165,{"date":357,"score":143,"percentile":358},"2026-01-15",0.0816,{"date":360,"score":143,"percentile":361},"2026-01-16",0.08184,{"date":363,"score":143,"percentile":364},"2026-01-17",0.08202,{"date":366,"score":143,"percentile":323},"2026-01-18",{"date":368,"score":143,"percentile":369},"2026-01-19",0.08136,{"date":371,"score":143,"percentile":372},"2026-01-20",0.08093,{"date":374,"score":143,"percentile":375},"2026-01-21",0.08075,{"date":377,"score":143,"percentile":283},"2026-01-22",{"date":379,"score":143,"percentile":380},"2026-01-23",0.08142,{"date":382,"score":143,"percentile":383},"2026-01-24",0.08198,{"date":385,"score":143,"percentile":341},"2026-01-25",{"date":387,"score":143,"percentile":388},"2026-01-26",0.0813,{"date":390,"score":143,"percentile":391},"2026-01-27",0.08118,{"date":393,"score":143,"percentile":394},"2026-01-28",0.08088,{"date":396,"score":143,"percentile":397},"2026-01-29",0.08067,{"date":399,"score":143,"percentile":400},"2026-01-30",0.08079,{"date":402,"score":143,"percentile":308},"2026-01-31",{"date":404,"score":143,"percentile":277},"2026-02-01",[406,411],{"source":115,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":407,"cvss_v4_0":9},{"baseScore":113,"baseSeverity":408,"vectorString":116,"impactScore":409,"exploitabilityScore":410},"HIGH",9.8,4.6,{"source":121,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":412,"cvss_v4_0":9},{"baseScore":113,"baseSeverity":408,"vectorString":116,"impactScore":409,"exploitabilityScore":410},[414,448],{"ecosystem":9,"name":415,"vendor":416,"product":416,"cpe_part":417,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":418},"Linux","linux","a",[419,426,430,433,436,438,442,446],{"version":420,"is_range":421,"range_type":115,"version_start":422,"version_start_type":423,"version_end":424,"version_end_type":425,"fixed_in":9},">= 93877b9afc2994c89362007aac480a7b150f386f, \u003C 791f833053578b9fd24252ebb7162a61bc3f805b",true,"93877b9afc2994c89362007aac480a7b150f386f","including","791f833053578b9fd24252ebb7162a61bc3f805b","excluding",{"version":427,"is_range":421,"range_type":115,"version_start":428,"version_start_type":423,"version_end":429,"version_end_type":425,"fixed_in":9},">= 5c86919455c1edec99ebd3338ad213b59271a71b, \u003C 97e2afcac0bebfef6a5360f4267ce4c44507b845","5c86919455c1edec99ebd3338ad213b59271a71b","97e2afcac0bebfef6a5360f4267ce4c44507b845",{"version":431,"is_range":421,"range_type":115,"version_start":428,"version_start_type":423,"version_end":432,"version_end_type":425,"fixed_in":9},">= 5c86919455c1edec99ebd3338ad213b59271a71b, \u003C 47655a12c6b1bca8fa230085eab2e85a076932b7","47655a12c6b1bca8fa230085eab2e85a076932b7",{"version":434,"is_range":421,"range_type":115,"version_start":428,"version_start_type":423,"version_end":435,"version_end_type":425,"fixed_in":9},">= 5c86919455c1edec99ebd3338ad213b59271a71b, \u003C a9685b409a03b73d2980bbfa53eb47555802d0a9","a9685b409a03b73d2980bbfa53eb47555802d0a9",{"version":437,"is_range":109,"range_type":115,"version_start":437,"version_start_type":423,"version_end":437,"version_end_type":423,"fixed_in":9},"6db94d08359c43f2c8fe372811cdee04564a41b9",{"version":439,"is_range":421,"range_type":115,"version_start":440,"version_start_type":423,"version_end":441,"version_end_type":425,"fixed_in":9},">= 6.6.3, \u003C 6.6.64","6.6.3","6.6.64",{"version":443,"is_range":421,"range_type":115,"version_start":444,"version_start_type":423,"version_end":445,"version_end_type":425,"fixed_in":9},">= 6.5.13, \u003C 6.6","6.5.13","6.6",{"version":447,"is_range":109,"range_type":115,"version_start":447,"version_start_type":423,"version_end":447,"version_end_type":423,"fixed_in":9},"6.7",{"ecosystem":9,"name":449,"vendor":416,"product":450,"cpe_part":451,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":452},"linux kernel","linux_kernel","o",[453,456,459],{"version":454,"is_range":421,"range_type":455,"version_start":9,"version_start_type":9,"version_end":441,"version_end_type":425,"fixed_in":9},"lt6.6.64","cpe",{"version":457,"is_range":421,"range_type":455,"version_start":447,"version_start_type":423,"version_end":458,"version_end_type":425,"fixed_in":9},"gte6.7_lt6.11.11","6.11.11",{"version":460,"is_range":421,"range_type":455,"version_start":461,"version_start_type":423,"version_end":462,"version_end_type":425,"fixed_in":9},"gte6.12_lt6.12.2","6.12","6.12.2"]