2 matches found
CVE-2024-47711 af_unix: Don't return OOB skb in manage_oob().
In the Linux kernel, the following vulnerability has been resolved: afunix: Don't return OOB skb in manageoob. syzbot reported use-after-free in unixstreamrecvurg. 0 The scenario is 1. sendMSGOOB 2. recvMSGOOB - The consumed OOB remains in recv queue 3. sendMSGOOB 4. recv - manageoob returns the...
CVE-2023-52446
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a race condition between btfput and mapfree When running ./testprogs -j in my local vm with latest kernel, I once hit a kasan error like below: 1887.184724 BUG: KASAN: slab-use-after-free in bpfrbrootfree+0x1f8/0x2b0...