Cheung Wall

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A use-after-free bug was reported in the Linux kernel, specifically in the workqueue module. The issue arises from a commit that reaps normal workers but fails to handle the rescuer, leading to a situation where the pool's reference is not held until the detachment is complete. This results in a use-after-free bug. The bug was reported by Cheung Wall. **Recommendations** To resolve the issue, the code that puts the pwq should be moved after detaching the rescuer from the pool, ensuring the pool's reference is held until the detachment is complete. At the moment, there is no information about a newer version that contains a fix for this vulnerability.