What the vulnerability does

01Description

A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

Key dates

02Disclosure timeline

May 18, 2023 CVE published
March 18, 2025 Record updated