An issue exists in aio_poll() in fs/aio.c in the Linux kernel up to and including 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel |
||
linux linux kernel 5.1 |
||
netapp active iq unified manager |
||
netapp hci management node - |
||
netapp snapprotect - |
||
netapp solidfire - |
||
netapp cn1610_firmware - |