CVE-2023-52445

by Fred · 22/02/2024

In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on the context object. However, that might happen before the usb hub_event handler is able to notify the driver. This patch adds a sanity check before the invalid read reported by syzbot, within the context disconnection call stack.

Date published : 2024-02-22

https://git.kernel.org/stable/c/2cf0005d315549b8d2b940ff96a66c2a889aa795

https://git.kernel.org/stable/c/30773ea47d41773f9611ffb4ebc9bda9d19a9e7e

CVE-2023-52445

Similar

Recent Posts

Categories

CVE-2023-52445

Share this:

Similar

Recent Posts

Categories

Tags