Skip to content

cls_tcindex traffic-control UAF (CVE-2023-1829)

Aynı bug/CVE: bkz. canonical not net/sched cls_tcindex UAF (CVE-2023-1829).

Mechanism

Bu not, tcindex perfect-hash path'inin filter'ı deactivate etmeden exts->actions'ı free etmesinden doğan double-free/UAF'ı (CVE-2023-1829) anlatır — tam açıklama canonical not'ta: net/sched cls_tcindex UAF (CVE-2023-1829).

Walkthrough

Tam walkthrough canonical not'ta: net/sched cls_tcindex UAF.

References