CVE-2024-41049
July 29, 2024, 4:21 p.m.
Tags
Product(s) Impacted
Linux Kernel
Description
In the Linux kernel, the following vulnerability has been resolved: filelock: fix potential use-after-free in posix_lock_inode Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode(). The request pointer had been changed earlier to point to a lock entry that was added to the inode's list. However, before the tracepoint could fire, another task raced in and freed that lock. Fix this by moving the tracepoint inside the spinlock, which should ensure that this doesn't happen.
Weaknesses
Date
Published: July 29, 2024, 3:15 p.m.
Last Modified: July 29, 2024, 4:21 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
416baaa9-dc9f-4396-8d5f-8c081fb06d67
References
https://git.kernel.org/
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/
416baaa9-dc9f-4396-8d5f-8c081fb06d67
https://git.kernel.org/
416baaa9-dc9f-4396-8d5f-8c081fb06d67