Linux Kernel Use-After-Free Vulnerability in proc_get_inode

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's proc_get_inode function. It arises from a race condition between module removal and the instantiation of inodes in the /proc filesystem. The /proc entry's operations (proc_ops), which belong to the module, are dereferenced after the entry has been registered, so a concurrent module removal can leave that dereference pointing at freed memory. Exploitation of this vulnerability can cause a page fault, disrupting normal system operations.

Impact

Exploitation of this vulnerability leads to a use-after-free condition, causing a page fault and potentially allowing for arbitrary code execution or other memory corruption issues.

Reproduction

The vulnerability can be reproduced by creating a /proc entry that uses a module's proc_ops. After the entry is registered, the module can be removed, freeing the associated memory. A subsequent access to the proc_ops will dereference a pointer to the freed memory, triggering the use-after-free condition.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 5.3
remediation: 0.0
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.