Primary

Context

Linux Kernel ftrace Use-After-Free Vulnerability via Kprobe Tracepoint

Vulnerability

A use-after-free vulnerability has been identified in the Linux kernel's ftrace functionality. This issue arises when a module using kprobes disables ftrace, leading to a race condition. Specifically, the problem occurs because ftrace_mod_get_kallsym accesses module information that has already been freed, triggered by a sequence of loading and unloading the module while ftrace is disabled.

Impact

Exploitation of this vulnerability can lead to a use-after-free condition, potentially allowing for arbitrary code execution or memory corruption.

Reproduction

To reproduce this vulnerability, first add a kprobe tracepoint. Then, load a test module that triggers an ftrace disable. Afterward, remove the test module and access /proc/kallsyms, which will invoke the ftrace function that accesses freed memory, causing the use-after-free vulnerability.

Added: Jul 10, 2025, 10:40 AM

Updated: Jul 10, 2025, 10:40 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.4

remediation

0.0

relevance

0.2

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

3.4

remediation

0.0

relevance

0.2

threat

4.8

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel ftrace Use-After-Free Vulnerability via Kprobe Tracepoint

Vulnerability

Impact

Reproduction

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating