In the Linux kernel, the following vulnerability has been...
High severity
Unreviewed
Published Oct 21, 2024 to the GitHub Advisory Database • Updated Nov 7, 2024
Description
Published by the National Vulnerability Database: Oct 21, 2024
In the Linux kernel, the following vulnerability has been resolved:
mac802154: Fix potential RCU dereference issue in mac802154_scan_worker
In the mac802154_scan_worker function, the scan_req->type field was accessed after the RCU read-side critical section was unlocked. According to RCU usage rules, this is illegal and can lead to unpredictable behavior, such as accessing memory that has been updated or causing use-after-free issues.
This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues.
To address this, the scan_req->type value is now stored in a local variable scan_req_type while still within the RCU read-side critical section. The scan_req_type is then used after the RCU lock is released, ensuring that the type value is safely accessed without violating RCU rules.
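The pattern described above, as an added userspace model that is not the kernel patch or any code from the project. The lock, update and worker functions and the sample type values are hypothetical; only the scan_req_type name comes from the description. Poisoning stands in for freeing so the stale read can be observed deterministically.

```c
/* Userspace model of the pattern; NOT kernel code. All names are hypothetical. */
#include <stdio.h>
#include <string.h>
struct scan_req { int type; };                 /* stand-in for the scan request */
static struct scan_req slots[2];               /* constructed sample objects */
static struct scan_req *published;             /* models the RCU-protected pointer */
static int readers;                            /* models read-side nesting depth */
static void model_reset(void)
{
    slots[0].type = 1; slots[1].type = 2;      /* constructed type values */
    published = &slots[0]; readers = 0;
}
static void model_read_lock(void)   { readers++; }
static void model_read_unlock(void) { readers--; }
/* Updater: swap in a new request and reclaim the old one, but only when no
 * reader is inside a critical section. Poisoning stands in for kfree(). */
static void model_update(void)
{
    struct scan_req *old = published;
    if (readers > 0 || old != &slots[0]) return; /* real code waits for a grace period */
    published = &slots[1];
    memset(old, 0x6b, sizeof(*old));
}
/* The bug as described: the field is read after the read-side unlock. */
static int worker_unsafe(void)
{
    model_read_lock();
    struct scan_req *req = published;
    model_read_unlock();
    model_update();                            /* updater wins the race window */
    return req->type;                          /* reads reclaimed memory */
}
/* The fix as described: copy the field to a local inside the section. */
static int worker_fixed(void)
{
    model_read_lock();
    struct scan_req *req = published;
    int scan_req_type = req->type;             /* snapshot while protected */
    model_update();                            /* blocked: a reader is active */
    model_read_unlock();
    model_update();                            /* reclaim now; snapshot unaffected */
    return scan_req_type;
}
int main(void)
{
    model_reset(); printf("unsafe: %#x\n", (unsigned)worker_unsafe());
    model_reset(); printf("fixed:  %d\n", worker_fixed());
}
```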