mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
1.1 KiB
1.1 KiB
CVE-2024-27394
Description
In the Linux kernel, the following vulnerability has been resolved:tcp: Fix Use-After-Free in tcp_ao_connect_initSince call_rcu, which is called in the hlist_for_each_entry_rcu traversalof tcp_ao_connect_init, is not part of the RCU read critical section, itis possible that the RCU grace period will pass during the traversal andthe key will be free.To prevent this, it should be changed to hlist_for_each_entry_safe.
POC
Reference
No PoCs from references.