In the Linux kernel, the following vulnerability has been...
High severity
Unreviewed
Published
May 21, 2024
to the GitHub Advisory Database
•
Updated Jul 3, 2024
Description
Published by the National Vulnerability Database
May 21, 2024
Published to the GitHub Advisory Database
May 21, 2024
Last updated
Jul 3, 2024
In the Linux kernel, the following vulnerability has been resolved:
can: j1939: fix Use-after-Free, hold skb ref while in use
This patch fixes a Use-after-Free found by the syzbot.
The problem is that a skb is taken from the per-session skb queue,
without incrementing the ref count. This leads to a Use-after-Free if
the skb is taken concurrently from the session queue due to a CTS.
References