Linux Kernel RCU Read Protection Vulnerability in procfs for BCM Operations

Vulnerability

A vulnerability in the Linux kernel related to the handling of procfs content for BCM operations has been addressed. When procfs data is generated for a BCM operation that is in the process of being removed, the output may contain unreliable information due to a use-after-free condition. This issue arises because the removal process lacks proper read-side synchronization. The vulnerability has been resolved by adding the necessary RCU read lock, ensuring that list entries are correctly managed under RCU protection.

Impact

The vulnerability could lead to a use-after-free condition, allowing for the potential execution of arbitrary code or causing a denial-of-service by crashing the system.

Added: Jun 8, 2025, 11:18 AM

Updated: Jun 8, 2025, 11:18 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

0.6

exploitability

5.3

remediation

0.0

relevance

0.2

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel RCU Read Protection Vulnerability in procfs for BCM Operations

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating