2 matches found
CVE-2025-21825
In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpftimer through kworker for PREEMPTRT During the update procedure, when overwrite element in a pre-allocated htab, the freeing of oldelement is protected by the bucket lock. The reason why the bucket lock...
CVE-2024-26737 bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix racing between bpftimercancelandfree and bpftimercancel The following race is possible between bpftimercancelandfree and bpftimercancel. It will lead a UAF on the timer-timer. bpftimercancel; spinlock; t = timer-time;...