In the Linux kernel, the following vulnerability has been resolved: crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak Using completion_done to determine whether the caller has gone away only works after a complete call. Furthermore it's still possible that the caller has not yet called wait_for_completion, resulting in another potential UAF. Fix this by making the caller use cancel_work_sync and then freeing the memory safely.
| Product | Vendor | Version |
|---|---|---|
| Linux | Linux | 0.7.0 |
| Linux | Linux | 0.7.1 |
| Linux | Linux | < 1.7.2-0ubuntu1.10 |
| Linux | Linux | Windows 10 Version 1809 for 32-bit Systems |