Linux · Linux Kernel · CVE-2026-31399
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The Linux kernel contained a use-after-free issue in the `nd_async_device_register()` function during asynchronous initialization. When `device_add()` failed, the device reference count dropped to zero before the parent pointer was accessed. The issue was identified using KASAN by Dingisoul and addressed by holding a reference to the parent pointer to ensure it remains valid regardless of the outcome of `device_add()`.
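The ordering problem described above, as an added userspace model that is not kernel code and not the upstream patch. The names `obj`, `obj_put`, `read_parent`, `register_buggy`, `register_fixed` and `run` are hypothetical, and the starting reference counts are assumptions chosen so that a failed add drops the device count to zero.

```c
#include <stdio.h>
/* Userspace model constructed for illustration; not kernel code. */
struct obj {
    int refs;            /* reference count */
    int released;        /* set when refs reaches 0; stands in for freeing */
    struct obj *parent;
};
static int stale_reads;  /* reads of a released object, what KASAN would flag */
static void obj_put(struct obj *o) { if (o && --o->refs == 0) o->released = 1; }

static struct obj *read_parent(struct obj *o)
{
    if (o->released)
        stale_reads++;   /* in real code this read is the use-after-free */
    return o->parent;
}

/* Ordering described as the bug: parent is read after the final put. */
static void register_buggy(struct obj *dev, int add_failed)
{
    if (add_failed) obj_put(dev);  /* error path drops the initial reference */
    obj_put(dev);                  /* drops the async reference; count may hit 0 */
    obj_put(read_parent(dev));     /* dev may already be released here */
}

/* Ordering described as the fix: capture the parent while dev is still live. */
static void register_fixed(struct obj *dev, int add_failed)
{
    struct obj *parent = read_parent(dev);
    if (add_failed) obj_put(dev);
    obj_put(dev);
    obj_put(parent);               /* parent reference dropped on both paths */
}

/* Runs one variant and returns how many stale reads it performed. */
static int run(int fixed, int add_failed)
{
    struct obj parent = { .refs = 2 };                 /* assumed: owner + async ref */
    struct obj dev = { .refs = 2, .parent = &parent }; /* assumed: initial + async ref */
    stale_reads = 0;
    if (fixed) register_fixed(&dev, add_failed); else register_buggy(&dev, add_failed);
    return stale_reads;
}

int main(void)
{
    printf("add fails: buggy=%d fixed=%d stale read(s)\n", run(0, 1), run(1, 1));
    return 0;
}
```

The stale read appears only on the failure path, which is why a fault-injecting or allocation-failure run under KASAN is needed to observe it.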
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.