Linux Kernel Use-After-Free Vulnerability in Key Management

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's key management system. The issue arises in the key_put() function, which accesses a key after dropping its reference count to zero, the point at which the garbage collector is allowed to destroy it. This happens because the function tries to expedite quota reclamation by modifying garbage collection work, and in doing so touches the key after it may already have been deleted, which is not permitted. The vulnerability has been addressed by introducing a flag that signals a key is ready for garbage collection, rather than relying on the key's reference count.
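
The ordering problem described above, as an added userspace model (not kernel code and not part of the original advisory): it compares a collector that reaps on a zero reference count with one that waits for an explicit flag. All struct, field and function names are hypothetical, and the quota value is constructed.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Userspace model only: every name here is hypothetical, not kernel code. */
struct model_key {
    atomic_int  usage;      /* reference count */
    atomic_bool final_put;  /* set by the last put once it is done with the key */
    long        quota_len;  /* bytes charged to the owner's quota (constructed) */
};
struct outcome { bool in_window, after_put; long quota_left; };

/* Old collector rule: a zero reference count alone makes the key reapable. */
static bool gc_rule_refcount(struct model_key *k) {
    return atomic_load_explicit(&k->usage, memory_order_acquire) == 0;
}

/* Fixed collector rule: only the explicit "ready" flag makes it reapable. */
static bool gc_rule_flag(struct model_key *k) {
    return atomic_load_explicit(&k->final_put, memory_order_acquire);
}

/* Walk one final put and record what the collector would decide in the window
 * between the refcount drop and the quota update, and again after the put. */
static struct outcome final_put(bool (*gc_rule)(struct model_key *)) {
    struct model_key k = { .quota_len = 64 };
    struct outcome o = { .quota_left = 64 };
    atomic_init(&k.usage, 1);
    atomic_init(&k.final_put, false);
    bool last = atomic_fetch_sub_explicit(&k.usage, 1, memory_order_acq_rel) == 1;
    o.in_window = last && gc_rule(&k);  /* a concurrent collector decides here */
    o.quota_left -= k.quota_len;        /* the put still reads the key */
    atomic_store_explicit(&k.final_put, true, memory_order_release);
    o.after_put = gc_rule(&k);          /* key handed over to the collector */
    return o;
}

int main(void) {
    struct outcome a = final_put(gc_rule_refcount), b = final_put(gc_rule_flag);
    printf("refcount rule: reapable in window=%d\n", a.in_window);
    printf("flag rule:     reapable in window=%d, after put=%d\n", b.in_window, b.after_put);
    return 0;
}
```

With the refcount rule the key is reapable while the put still has to read its quota length; with the flag rule it becomes reapable only after the put's last access.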

Impact

Exploitation of this vulnerability could lead to a use-after-free condition, potentially allowing for arbitrary code execution or memory corruption.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 9.0
impact: 2.5
exploitability: 3.5
remediation: 0.0
relevance: 0.0
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.