GHSA-84fp-h279-ggmw
GitHub Security Advisory
⚠ Unreviewed
HIGH
Has CVE
Advisory Details
In the Linux kernel, the following vulnerability has been resolved:
media: pvrusb2: fix use after free on context disconnection
Upon module load, a kthread is created targeting the
pvr2_context_thread_func function, which may call pvr2_context_destroy
and thus call kfree() on the context object. However, that might happen
before the usb hub_event handler is able to notify the driver. This
patch adds a sanity check before the invalid read reported by syzbot,
within the context disconnection call stack.
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: August 2, 2025 6:46 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.