2 matches found
kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
A use after free vulnerability exists in the linux kernel such that dputupper is being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote...
DEBIAN-CVE-2025-21887
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...