Chengen Du

Researcher from Canonical
#39306 of 53,635
7 Total CVSS
Vulnerabilities · 1
PT-2024-6548
7.0
2024-07-11
Linux · Linux Kernel · CVE-2024-41040
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to a use-after-free vulnerability in the net/sched subsystem of the Linux kernel. Specifically, the `tcf_ct_flow_table_process_conn` function may access memory after it has been freed, leading to a slab-use-after-free error. This can occur when a clash is resolved but the `ct` object is still passed to the `tcf_ct_flow_table_process_conn` function for further processing. The vulnerability can be fixed by retrieving the `ct` object from the `skb` again after confirming the conntrack.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.