In the Linux kernel, the following vulnerability has been resolved:
mm: list_lru: fix UAF for memory cgroup
The mem_cgroup_from_slab_obj() is supposed to be called under rcu lock or
cgroup_mutex or others which could prevent returned memcg from being
freed. Fix it by adding missing rcu read lock.
Found by code inspection.
[
[email protected]: only grab rcu lock when necessary, per Vlastimil]
Link: https://lkml.kernel.org/r/
[email protected]
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt