References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

ftrace: Fix invalid address access in lookup_rec() when index is 0

KASAN reported follow problem:

 BUG: KASAN: use-after-free in lookup_rec
 Read of size 8 at addr ffff000199270ff0 by task modprobe
 CPU: 2 Comm: modprobe
 Call trace:
  kasan_report
  __asan_load8
  lookup_rec
  ftrace_location
  arch_check_ftrace_location
  check_kprobe_address_safe
  register_kprobe

When checking pg->records[pg->index - 1].ip in lookup_rec(

https://git.kernel.org/stable/c/2a0d71fabfeb349216d33f001a6421b1768bd3a9

https://git.kernel.org/stable/c/2de28e5ce34b22b73b833a21e2c45ae3aade3964

https://git.kernel.org/stable/c/4f84f31f63416b0f02fc146ffdc4ab32723eb7e8

https://git.kernel.org/stable/c/7569ee04b0e3b32df79f64db3a7138573edad9bc

https://git.kernel.org/stable/c/83c3b2f4e7c61367c7b24551f4c6eb94bbdda283

https://git.kernel.org/stable/c/ac58b88ccbbb8e9fb83e137cee04a856b1ea6635

https://git.kernel.org/stable/c/ee92fa443358f4fc0017c1d0d325c27b37802504

https://git.kernel.org/stable/c/f1bd8b7fd890d87d0dc4dedc6287ea34dd07c0b4