2 matches found
CVE-2021-47254
In CVE-2021-47254, the Linux kernel gfs2 subsystem has a use-after-free in gfs2_glock_shrink_scan. The GLF_LRU flag is checked under lru_lock to remove the glock from the lru list in __gfs2_glock_put(), but cond_resched_lock(&lru_lock) allows progress on the put side without deleting the glock fr...
CVE-2022-49967
CVE-2022-49967 is a Linux kernel data-race vulnerability in the bpf_jit_limit variable. The issue arises when bpf_jit_limit is read while it can be concurrently updated via sysctl, risking load-tearing due to the long size of the value. The fix adds a paired READ_ONCE() alongside WRITE_ONCE() in ...