{"id":"CVE-2024-50120","summary":"smb: client: Handle kstrdup failures for passwords","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Handle kstrdup failures for passwords\n\nIn smb3_reconfigure(), after duplicating ctx-\u003epassword and\nctx-\u003epassword2 with kstrdup(), we need to check for allocation\nfailures.\n\nIf ses-\u003epassword allocation fails, return -ENOMEM.\nIf ses-\u003epassword2 allocation fails, free ses-\u003epassword, set it\nto NULL, and return -ENOMEM.","modified":"2026-04-16T04:36:02.723879913Z","published":"2024-11-05T17:10:49.887Z","related":["USN-7276-1","USN-7277-1","openSUSE-SU-2024:14500-1","openSUSE-SU-2025:14705-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50120.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/35488799b0ab6e4327f82e1d9209a60805665b37"},{"type":"WEB","url":"https://git.kernel.org/stable/c/35dbac8c328d6afe937cd45ecd41d209d0b9f8b8"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9a5dd61151399ad5a5d69aad28ab164734c1e3bc"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/50xxx/CVE-2024-50120.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50120"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7e8cffa4f85e6839335d75e6b47f918d90c1d194"},{"fixed":"35dbac8c328d6afe937cd45ecd41d209d0b9f8b8"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c1eb537bf4560b3ad4df606c266c665624f3b502"},{"fixed":"35488799b0ab6e4327f82e1d9209a60805665b37"},{"fixed":"9a5dd61151399ad5a5d69aad28ab164734c1e3bc"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"e78308a6dcab1e53b38b8dd952e69c515cd324d7"},{"last_affected":"2a0fc63f1f4fccfeb367d0c57b8a243cec60c26c"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-50120.json"}}],"schema_version":"1.7.5"}