mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.2 KiB
1.2 KiB
CVE-2024-50127
Description
In the Linux kernel, the following vulnerability has been resolved:net: sched: fix use-after-free in taprio_change()In 'taprio_change()', 'admin' pointer may become dangling due to schedswitch / removal caused by 'advance_sched()', and critical sectionprotected by 'q->current_entry_lock' is too small to prevent from sucha scenario (which causes use-after-free detected by KASAN). Fix thisby prefer 'rcu_replace_pointer()' over 'rcu_assign_pointer()' to update'admin' immediately before an attempt to schedule freeing.
POC
Reference
No PoCs from references.