

CVE-2024-57934

Description

In the Linux kernel, the following vulnerability has been resolved:

fgraph: Add READ_ONCE() when accessing fgraph_array[]

In __ftrace_return_to_handler(), a loop iterates over the fgraph_array[] elements, which are fgraph_ops. The loop checks if an element is a fgraph_stub to prevent using a fgraph_stub afterward.

However, if the compiler reloads fgraph_array[] after this check, it might race with an update to fgraph_array[] that introduces a fgraph_stub. This could result in the stub being processed, but the stub contains a null "func_hash" field, leading to a NULL pointer dereference.

To ensure that the gops compared against the fgraph_stub matches the gops processed later, add a READ_ONCE().

A similar patch appears in commit 63a8dfb ("function_graph: Add READ_ONCE() when accessing fgraph_array[]").
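The check-then-reload pattern described above, as an added user-space model that is not the kernel's code. The struct layout, the `slots` array, both function names and the simplified `READ_ONCE` macro are assumptions, and the concurrent update is simulated by a direct call placed between the two loads so the result is deterministic.

```c
/* User-space model of the fgraph_array[] race. Only READ_ONCE, fgraph_stub,
 * func_hash and gops are names from the description; the rest is assumed. */
#include <stddef.h>

/* Simplified stand-in for the kernel macro: forces exactly one load. */
#define READ_ONCE(x) (*(const volatile __typeof__(x) *)&(x))
#define SLOTS 4

struct ops { const int *func_hash; };    /* the stub has func_hash == NULL */
static const int hash_a = 7;
static struct ops real_ops = { &hash_a };
static struct ops stub = { NULL };
static struct ops *slots[SLOTS];         /* plays the role of fgraph_array[] */

/* Stands in for a concurrent update that places the stub in a slot. */
static void writer_installs_stub(int i) { slots[i] = &stub; }
static void reset(void) { for (int i = 0; i < SLOTS; i++) slots[i] = &real_ops; }

/* Before: the slot is loaded twice, as a compiler may do without READ_ONCE.
 * Returns how many times a stub got past the check. */
int walk_double_read(int racing_slot)
{
    int stub_uses = 0;
    reset();
    for (int i = 0; i < SLOTS; i++) {
        if (slots[i] == &stub)           /* first load: the check */
            continue;
        if (i == racing_slot)
            writer_installs_stub(i);     /* update lands between the loads */
        struct ops *gops = slots[i];     /* second load: the use */
        if (gops->func_hash == NULL)     /* the kernel would dereference this */
            stub_uses++;
    }
    return stub_uses;
}

/* After: one load, so the pointer checked is the pointer used. */
int walk_read_once(int racing_slot)
{
    int stub_uses = 0;
    reset();
    for (int i = 0; i < SLOTS; i++) {
        struct ops *gops = READ_ONCE(slots[i]);
        if (gops == &stub)
            continue;
        if (i == racing_slot)
            writer_installs_stub(i);     /* same update, now harmless */
        if (gops->func_hash == NULL)
            stub_uses++;
    }
    return stub_uses;
}
```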

POC

Reference

No PoCs from references.

Github

- https://github.com/fkie-cad/nvd-json-data-feeds