Linux Kernel Block Layer Use-After-Free Vulnerability in BFQ I/O Scheduler
Vulnerability
Patched
A use-after-free vulnerability has been identified in the Linux kernel's block layer, specifically within the Budget Fair Queueing (BFQ) I/O scheduler. The issue surfaced as a crash triggered by a commit that was intended to enhance queue merging but inadvertently introduced the use-after-free bug. Although the problematic commit was reverted, the revert did not address the root cause of the issue. The vulnerability has since been resolved by a separate commit that corrects the underlying problem.
Impact
Exploitation of this vulnerability leads to a use-after-free condition, which can commonly result in memory corruption and potentially allow for arbitrary code execution.
Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM
