VYPR
Unrated severityNVD Advisory· Published Mar 4, 2024· Updated Nov 4, 2025

tomoyo: fix UAF write bug in tomoyo_write_control()

CVE-2024-26622

Description

In the Linux kernel, the following vulnerability has been resolved:

tomoyo: fix UAF write bug in tomoyo_write_control()

Since tomoyo_write_control() updates head->write_buf when write() of long lines is requested, we need to fetch head->write_buf after head->io_sem is held. Otherwise, concurrent write() requests can cause use-after-free-write and double-free problems.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

217

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.