Kevin Tanguy

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** The issue is related to a use-after-free error in the Linux kernel's sched/fair component. This error occurs when the `unregister fair sched group()` function unlinks all `cfs rq`s from a dying task group without protecting itself from interruptions. If a timer interrupt triggers during this process, the `sched cfs period timer()` function may execute and attempt to unthrottle `cfs rq`s, leading to a situation where these `cfs rq`s are freed while still being linked. This can result in a crash or potentially allow an attacker to elevate privileges in the system. The root cause of the issue is the `tg unthrottle up()` function being called via `sched cfs period timer()` at an inconvenient time. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.