A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
| Link | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1905155 | patch third party advisory issue tracking |
| https://www.debian.org/security/2021/dsa-4843 | third party advisory vendor advisory |
| https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html | third party advisory mailing list |
| https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html | third party advisory mailing list |
| https://security.netapp.com/advisory/ntap-20210521-0008/ | third party advisory |