CVE-2024-50152: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a double free vulnerability (CVE-2024-50152) was discovered in the SMB client's smb2setea() function. The issue was identified by the Clang static checker in fs/smb/client/smb2ops.c. The vulnerability was reported on November 7, 2024, and affects Linux kernel versions from 6.6.32 up to (excluding) 6.6.59, from 6.8 up to (excluding) 6.11.6, and specific release candidates of version 6.12 (NVD).

The vulnerability occurs in a specific sequence of events within the smb2setea() function: when 'ea' is initialized to NULL, followed by a successful memory allocation, then a failure triggering goto seaexit, memory release, goto replayagain, and finally a second goto sea_exit before allocating memory for ea. This sequence results in a double free of the 'ea' pointer. The issue was assigned a CVSS v3.1 Base Score of 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability could lead to memory corruption through a double free condition, potentially causing system crashes or denial of service. The CVSS score indicates that while the vulnerability requires local access and low privileges, it can have a high impact on system availability (NVD).

The issue has been fixed by re-initializing the 'ea' pointer to NULL near the replay_again label. The fix was implemented in kernel patches and is available through the stable kernel release process. Users should update to patched kernel versions that include the fix (Kernel Patch).