In the Linux kernel, the following vulnerability has been resolved: net:
nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() Sili Luo
reported a race in nfc_llcp_sock_get(), leading to UAF. Getting a reference
on the socket found in a lookup while holding a lock should happen before
releasing the lock. nfc_llcp_sock_get_sn() has a similar problem. Finally
nfc_llcp_recv_snl() needs to make sure the socket found by
nfc_llcp_sock_from_sn() does not disappear.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 24.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |