cve/published/2024/CVE-2024-26822.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-26822: smb: client: set correct id, uid and cruid for multiuser automounts

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 smb: client: set correct id, uid and cruid for multiuser automounts

 When uid, gid and cruid are not specified, we need to dynamically
 set them into the filesystem context used for automounting otherwise
 they'll end up reusing the values from the parent mount.

 The Linux kernel CVE team has assigned CVE-2024-26822 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 6.2 with commit 9fd29a5bae6e8f94b410374099a6fddb253d2d5f and fixed in 6.6.18 with commit c2aa2718cda2d56b4a551cb40043e9abc9684626
 	Issue introduced in 6.2 with commit 9fd29a5bae6e8f94b410374099a6fddb253d2d5f and fixed in 6.7.6 with commit 7590ba9057c6d74c66f3b909a383ec47cd2f27fb
 	Issue introduced in 6.2 with commit 9fd29a5bae6e8f94b410374099a6fddb253d2d5f and fixed in 6.8 with commit 4508ec17357094e2075f334948393ddedbb75157
 	Issue introduced in 5.15.124 with commit c8117ac42303f7ae99bbe53e4952f7d147cca1fb
 	Issue introduced in 6.1.54 with commit 60e3318e3e900ba1ddfead937012b3432dfccc92

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-26822
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	fs/smb/client/namespace.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626
 	https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb
 	https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-26822: smb: client: set correct id, uid and cruid for multiuser automounts

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	smb: client: set correct id, uid and cruid for multiuser automounts

	When uid, gid and cruid are not specified, we need to dynamically
	set them into the filesystem context used for automounting otherwise
	they'll end up reusing the values from the parent mount.

	The Linux kernel CVE team has assigned CVE-2024-26822 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 6.2 with commit 9fd29a5bae6e8f94b410374099a6fddb253d2d5f and fixed in 6.6.18 with commit c2aa2718cda2d56b4a551cb40043e9abc9684626
	Issue introduced in 6.2 with commit 9fd29a5bae6e8f94b410374099a6fddb253d2d5f and fixed in 6.7.6 with commit 7590ba9057c6d74c66f3b909a383ec47cd2f27fb
	Issue introduced in 6.2 with commit 9fd29a5bae6e8f94b410374099a6fddb253d2d5f and fixed in 6.8 with commit 4508ec17357094e2075f334948393ddedbb75157
	Issue introduced in 5.15.124 with commit c8117ac42303f7ae99bbe53e4952f7d147cca1fb
	Issue introduced in 6.1.54 with commit 60e3318e3e900ba1ddfead937012b3432dfccc92

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-26822
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	fs/smb/client/namespace.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/c2aa2718cda2d56b4a551cb40043e9abc9684626
	https://git.kernel.org/stable/c/7590ba9057c6d74c66f3b909a383ec47cd2f27fb
	https://git.kernel.org/stable/c/4508ec17357094e2075f334948393ddedbb75157