In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning the TX ring. Failure to do so can cause invalid memory accesses. If igb_poll() runs while the controller is reset this can lead to the driver try to free a skb that was already freed. (The crash is harder to reproduce with the igb driver, but the same potential problem exists as the code is identical to igc)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
Debian | 11 | all | linux | < 5.10.70-1 | linux_5.10.70-1_all.deb |
Debian | 999 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
Debian | 13 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |