2 matches found
CVE-2023-53645
In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpfrefcountacquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpfrefcount series 0, specifically that the BPF program calling bpfrefcountacquire on some node can always...
CVE-2023-53645
CVE-2023-53645 : Linux kernel patch fixes a use-after-free risk in BPF non-owning references by making bpf_refcount_acquire fallible. The fix changes the implementation (bpf_refcount_acquire_impl) to use refcount_inc_not_zero and return KF_RET_NULL, preventing increment on a possibly freed object...