2 matches found
DEBIAN-CVE-2022-49456
In the Linux kernel, the following vulnerability has been resolved: bonding: fix missed rcu protection When removing the rcureadlock in bondethtoolgettsinfo as discussed 1, I didn't notice it could be called via setsockopt, which doesn't hold rcu lock, as syzbot pointed: stack backtrace: CPU: 0...
PT-2025-8390 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.18.0-rc5-syzkaller-01392-g01f4685797a5 Description: A vulnerability in the Linux kernel has been resolved. The issue was related to the removal of the rcu read lock in the bond ethtool get ts info function,...