In the Linux kernel, the following vulnerability has been resolved:

bnxt: prevent skb UAF after handing over to PTP worker

When reading the timestamp is required bnxt_tx_int() hands over the ownership of the completed skb to the PTP worker. The skb should not be used afterwards, as the worker may run before the rest of our code and free the skb, leading to a use-after-free.

Since dev_kfree_skb_any() accepts NULL make the loss of ownership more obvious and set skb to NULL.
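
A userspace C model of the hand-over pattern described above, added here as an illustration and not taken from the bnxt driver. `pkt`, `pkt_free`, `ptp_worker_take` and `tx_complete` are hypothetical stand-ins, and the worker is run synchronously to represent the case where it frees the buffer before the caller continues.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model; every name here is hypothetical, not from the bnxt driver. */
struct pkt { int needs_timestamp; };

static int frees;                 /* how many times a packet was released */

/* Stand-in for dev_kfree_skb_any(): releasing NULL is a no-op. */
static void pkt_free(struct pkt *p)
{
    if (!p)
        return;
    frees++;
    free(p);
}

/* Stand-in for the PTP worker. Worst case: it runs at once and frees the
 * packet before the caller's next statement executes. */
static void ptp_worker_take(struct pkt *p)
{
    /* ... the hardware timestamp for p would be read here ... */
    pkt_free(p);
}

/* Stand-in for the TX completion path. Returns the number of frees seen. */
static int tx_complete(int needs_timestamp)
{
    struct pkt *p = malloc(sizeof(*p));
    if (!p)
        return -1;
    p->needs_timestamp = needs_timestamp;
    frees = 0;

    if (p->needs_timestamp) {
        ptp_worker_take(p);   /* ownership moves to the worker */
        p = NULL;             /* caller can no longer touch or free it */
    }

    /* Shared tail: safe for both branches because a handed-over packet
     * is NULL here, not a dangling pointer. */
    pkt_free(p);
    return frees;
}

int main(void)
{
    printf("timestamped: %d free(s)\n", tx_complete(1));
    printf("plain:       %d free(s)\n", tx_complete(0));
    return 0;
}
```

Without the `p = NULL;` assignment, the shared tail would release a pointer the worker has already freed.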
No PoCs from references.
- https://github.com/ARPSyndicate/cve-scores