4 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-52446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btfput and mapfree When running ./testprogs -j in my local...
BELL-CVE-2023-52446
Bulletin has no description...
CVE-2023-52446 bpf: Fix a race condition between btf_put() and map_free()
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btfput and mapfree When running ./testprogs -j in my local vm with latest kernel, I once hit a kasan error like below: 1887.184724 BUG: KASAN: slab-use-after-free in bpfrbrootfree+0x1f8/0x2b0...
CVE-2023-52446
CVE-2023-52446 affects the Linux kernel BPF subsystem. A race between btf_put() and map_free() can cause a slab-use-after-free in bpf_rb_root_free, as shown by the kasan trace. The impact is described as a use-after-free condition that can lead to a kernel crash or memory corruption. A fix has be...