- Description
- In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamond_lock DAMON debugfs interface iterates current monitoring targets in 'dbgfs_target_ids_read()' while holding the corresponding 'kdamond_lock'. However, it also destructs the monitoring targets in 'dbgfs_before_terminate()' without holding the lock. This can result in a use_after_free bug. This commit avoids the race by protecting the destruction with the corresponding 'kdamond_lock'.
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7
- Impact score
- 5.9
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- nvd@nist.gov
- CWE-416
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CD37FAC-AD9D-4A7B-9014-CF4F7A91800D",
"versionEndExcluding": "5.15.12",
"versionStartIncluding": "5.15"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A73429BA-C2D9-4D0C-A75F-06A1CA8B3983"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F621B5E3-E99D-49E7-90B9-EC3B77C95383"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7BFDCAA-1650-49AA-8462-407DD593F94F"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6EC9882F-866D-4ACB-8FBC-213D8D8436C8"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A0915FE-A4AA-4C94-B783-CF29D81E7E54"
}
],
"operator": "OR"
}
]
}
]