Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:gfs2: Fix slab-use-after-free in gfs2_qd_deallocIn gfs2_put_super(), whether withdrawn or not, the quota shouldbe cleaned up by gfs2_quota_cleanup().Otherwise, struct gfs2_sbd will be freed before gfs2_qd_dealloc (rcucallback) has run for all gfs2_quota_data objects, resulting inuse-after-free.Also, gfs2_destroy_threads() and gfs2_quota_cleanup() is already calledby gfs2_make_fs_ro(), so in gfs2_put_super(), after callinggfs2_make_fs_ro(), there is no need to call them again.
No PoCs from references.
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/takaaki-fukunaga/cvechecker