In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module load, a kthread is created targeting the pvr2_context_thread_func function, which may call pvr2_context_destroy and thus call kfree() on the context object. However, that might happen before the usb hub_event handler is able to notify the driver. This patch adds a sanity check before the invalid read reported by syzbot, within the context disconnection call stack.
| Product | Vendor | Version |
|---|---|---|
| Linux | Linux | < 53 |
| Linux | Linux | Windows 10 Version 1803 for x64-based Systems |
| Linux | Linux | Windows 8.1 for x64-based systems |