Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A use-after-free vulnerability has been identified in the Linux kernel's handling of ACPI tables, specifically within the EFI SSDT loading process. This issue arises because the memory containing the newly loaded ACPI table is freed unconditionally, rather than only in cases where the ACPI core fails to load the table. The vulnerability was introduced by a previous commit that altered how SSDTs are loaded from variables, bypassing the efivars layer. The unconditional memory deallocation can lead to use-after-free errors, which may be exploitable under certain conditions.
Triggering the use-after-free can potentially lead to memory corruption or arbitrary code execution.
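The ownership mistake described above, shown as an added user-space C model (not kernel code and not taken from the actual fix). All names are hypothetical: core_load_table stands in for the ACPI core, which keeps referencing the buffer after a successful load, and load_table contrasts the unconditional free with the free-on-failure form.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* User-space model; all names are hypothetical, none is a kernel symbol. */
struct table_core {
    const unsigned char *installed; /* buffer the core keeps using after a successful load */
    bool holds_ref;                 /* core accepted the table */
    bool buffer_freed;              /* loader released the buffer */
};

/* Stand-in for the table core: on success it keeps referencing data. */
static int core_load_table(struct table_core *core, const unsigned char *data, size_t len)
{
    if (len < 4 || memcmp(data, "SSDT", 4) != 0)
        return -1;              /* rejected: the core holds no reference */
    core->installed = data;
    core->holds_ref = true;
    return 0;
}

/* free_always=true is the pattern the advisory describes; false is the corrected one. */
static int load_table(struct table_core *core, const char *src, size_t len, bool free_always)
{
    unsigned char *data = malloc(len);
    int ret;
    if (!data)
        return -1;
    memcpy(data, src, len);
    ret = core_load_table(core, data, len);
    if (free_always || ret != 0) {  /* corrected path frees only on failure */
        free(data);
        core->buffer_freed = true;
    }
    return ret;
}

/* True when the core still references a buffer the loader already freed. */
static bool core_has_dangling_ref(const struct table_core *core)
{
    return core->holds_ref && core->buffer_freed;
}

int main(void)
{
    struct table_core buggy = {0}, fixed = {0};
    load_table(&buggy, "SSDT-constructed", 16, true);   /* constructed sample input */
    load_table(&fixed, "SSDT-constructed", 16, false);
    return (core_has_dangling_ref(&buggy) && !core_has_dangling_ref(&fixed)) ? 0 : 1;
}
```

On the success path the corrected form deliberately leaves the buffer allocated, because ownership has passed to the core.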
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. Instructions for upgrading the Linux kernel can be found in the official Linux documentation or through the package management system of the respective Linux distribution.