Re: [PATCH 01/12] smb: client: fix potential UAF in cifs_debug_files_proc_show()

Wang Zhaolong <wangzhaolong1@xxxxxxxxxx> writes:

> Hello,
>
> I have some questions regarding CVE-2024-26928.
>
> I would like to confirm whether the phrase "fix potential UAF in
> cifs_debug_files_proc_show()" implies that the UAF issue does not
> actually exist, correct?

Correct.  This is just a way to prevent one from accessing any fields
from @ses while it is being released by a different task.

> Based on this understanding, I wonder if the issue addressed by
> this CVE might not be a genuine problem. I am also curious about
> the series of patches considered as fixes for this CVE.

Nope.  The fixes were created and sent without having any related CVEs.



