mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
1.0 KiB
1.0 KiB
CVE-2021-47111
Description
In the Linux kernel, the following vulnerability has been resolved:xen-netback: take a reference to the RX task threadDo this in order to prevent the task from being freed if the threadreturns (which can be triggered by the frontend) before the call tokthread_stop done as part of the backend tear down. Not taking thereference will lead to a use-after-free in that scenario. Suchreference was taken before but dropped as part of the rework done in2ac061ce97f4.Reintroduce the reference taking and add a comment this timeexplaining why it's needed.This is XSA-374 / CVE-2021-28691.
POC
Reference
No PoCs from references.