CVE-2024-26622 Information

Description

In the Linux kernel the following vulnerability has been resolved:

tomoyo: fix UAF write bug in tomoyo_write_control()

Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested we need to fetch head->write_buf after head->io_sem is held. Otherwise concurrent write() requests can cause use-after-free-write and double-free problems.

Reference

https://git.kernel.org/stable/c/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815