Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A use-after-free vulnerability has been identified in the Linux kernel's ftrace functionality. This issue arises when dynamic ftrace operations are registered and unregistered in a way that creates a race condition. Specifically, the vulnerability occurs when the 'ftrace_ops_list_func' callback is used, leading to a potential access violation if ftrace is activated while the operations are being manipulated. The issue was reported by KASAN (Kernel Address Sanitizer) as a use-after-free error, indicating that memory was freed while still being accessed by another part of the system.
Exploitation of this vulnerability results in access to freed memory, potentially causing memory corruption or allowing arbitrary code execution.
The vulnerability can be reproduced by registering two dynamic ftrace operations with the same content successively. After unregistering the second operation, the use-after-free condition is triggered, as the first operation is still active but has been improperly synchronized, allowing another CPU to access the freed memory.