CVE-2024-50127

Publication date

2024-11-05 17:10:54

Family

Linux

State

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In taprio_change(), admin pointer may become dangling due to sched switch / removal caused by advance_sched(), and critical section protected by q->current_entry_lock is too small to prevent from such a scenario (which causes use-after-free detected by KASAN). Fix this by prefer rcu_replace_pointer() over rcu_assign_pointer() to update admin immediately before an attempt to schedule freeing.