Guo Zihua

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** A vulnerability in the Linux kernel has been resolved, which could cause a panic in the `ima match policy` function due to a kernel NULL pointer dereference. The issue arises from a call to `ima lsm copy rule` within a RCU read-side critical section, containing `kmalloc` with `GFP KERNEL`, which implies a possible sleep and violates the limitations of RCU read-side critical sections on non-PREEMPT systems. This could lead to `synchronize rcu` returning early, breaking RCU protection and allowing a Use-After-Free (UAF) to occur. The root cause involves a race condition between two threads, where one thread frees an entry while the other thread tries to access it, potentially causing a panic. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.