Linux Kernel BFQ Scheduler Use-After-Free Vulnerability

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's BFQ (Budget Fair Queueing) I/O scheduler. The issue arises when the scheduler improperly manages asynchronous queue references, resulting in memory corruption. It was discovered during the removal of a module, when a freed memory address was accessed. The flaw can potentially be exploited to manipulate memory, which may lead to arbitrary code execution or other malicious outcomes.

Impact

Exploitation of this vulnerability causes a use-after-free condition, which can lead to memory corruption. Memory corruption vulnerabilities of this kind can often be exploited to execute arbitrary code with kernel privileges.

Reproduction

The vulnerability can be reproduced by loading a kernel module that activates the BFQ I/O scheduler and then immediately removing that module. This causes the BFQ scheduler to improperly handle asynchronous queue references, leading to a use-after-free condition.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.