46 matches found
kernel: mptcp: pm: Fix uaf in __timer_delete_sync
A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: mptcp: pm: Fix uaf in __timer_delete_sync
A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: mptcp: pm: Fix uaf in __timer_delete_sync
A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...
kernel: mptcp: pm: Fix uaf in __timer_delete_sync
A use-after-free flaw was found in the Linux kernel’s Multipath TCP MPTCP subsystem. This flaw allows a local user to crash or potentially escalate their privileges on the system...
mptcp: pm: Fix uaf in __timer_delete_sync
...
CVE-2024-46858
CVE-2024-46858 in the Linux kernel fixes a local UAF race in mptcp_pm_del_add_timer. Two paths can access mptcp_pm_del_add_timer concurrently (CPU1 in PM code path vs CPU2 in netlink/ip stack path), leading to use-after-free when a timer entry is freed after leaving the critical region. The patch...