In the Linux kernel, the following vulnerability has been...
High severity
Unreviewed
Published
Oct 21, 2024
to the GitHub Advisory Database
•
Updated Oct 23, 2024
Description
Published by the National Vulnerability Database
Oct 21, 2024
Published to the GitHub Advisory Database
Oct 21, 2024
Last updated
Oct 23, 2024
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix use-after-free in bpf_uprobe_multi_link_attach()
If bpf_link_prime() fails, bpf_uprobe_multi_link_attach() goes to the
error_free label and frees the array of bpf_uprobe's without calling
bpf_uprobe_unregister().
This leaks bpf_uprobe->uprobe and worse, this frees bpf_uprobe->consumer
without removing it from the uprobe->consumers list.
References