Infinite loop in Linux kernel smb client

Published: 2024-06-21 | Updated: 2025-05-13

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2024-27036
CWE-ID	CWE-835
Exploitation vector	Local
Public exploit	N/A
Vulnerable software	Linux kernel Operating systems & Components / Operating system
Vendor	Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Infinite loop

EUVDB-ID: #VU93066

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-27036

CWE-ID: CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to infinite loop within the cifs_partialpagewrite(), cifs_extend_writeback(), cifs_write_back_from_locked_folio(), cifs_writepages_region() and cifs_writepages() functions in fs/smb/client/file.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Linux kernel: 6.6 - 6.8.1

CPE2.3

External links

https://git.kernel.org/stable/c/e45deec35bf7f1f4f992a707b2d04a8c162f2240
https://git.kernel.org/stable/c/65f2ced695982ccd516196d0a9447d85dbe2eed5
https://git.kernel.org/stable/c/844b4e132f57f1333dc79feaa035075a096762e4
https://git.kernel.org/stable/c/f3dc1bdb6b0b0693562c7c54a6c28bafa608ba3c
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.23
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.7.11
https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.2

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.