2 matches found
Arbitrary Code Execution
kernel is vulnerable to arbitrary code execution. A use-after-free in drivers/vhost/vdpa.c as v-configctx has an invalid value upon re-opening a character device...
CVE-2021-29266
CVE-2021-29266 affects the Linux kernel prior to 5.11.9. The use-after-free vulnerability is in drivers/vhost/vdpa.c where v->config_ctx may hold an invalid value when a character device is reopened, enabling a use-after-free scenario. The issue is addressed in ChangeLog-5.11.9 (kernel patch f...