CVE-2024-56729: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-56729 is a vulnerability in the Linux kernel's SMB client implementation, discovered and disclosed on December 29, 2024. The vulnerability affects Linux kernel versions from 6.1 up to (excluding) 6.6.64, from 6.7 up to (excluding) 6.11.11, and from 6.12 up to (excluding) 6.12.2. The issue involves improper initialization of cfid->tcon before performing network operations in the SMB client code (NVD).

The vulnerability stems from a race condition in the SMB client's directory caching mechanism where a lease break can race with opening a cached directory. When this occurs, the code might take a reference to the tcon in cached_dir_lease_break() but fail to release the reference in cached_dir_offload_close because cfid->tcon is still NULL. This issue was introduced by the commit that enabled caching of directories for which a lease is held. The vulnerability has been assigned a CVSS v3.1 Base Score of 4.7 (Medium) with vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The primary impact of this vulnerability is a memory leak in the Linux kernel when handling SMB directory operations. The leak occurs when specific race conditions are met during directory caching operations, potentially leading to resource exhaustion over time (Kernel Patch).

The vulnerability has been fixed in the Linux kernel through a patch that initializes cfid->tcon before performing network operations. The fix has been backported to affected stable kernel versions. Users should upgrade to kernel versions 6.6.64, 6.11.11, or 6.12.2 or later, depending on their kernel series (Kernel Patch).