Longlong Xia

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.11.0+ Description: The issue is related to a use-after-free vulnerability in the `gsm cleanup mux` function in the Linux kernel. This vulnerability can be exploited by an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability occurs when `gsm msg` on the `tx ctrl list` or `tx data list` of `gsm mux` can be freed by multiple threads through `ioctl`, leading to a use-after-free condition. The vulnerability can be protected by using the `gsm tx lock`. Recommendations: To resolve the issue, update the Linux kernel to a version that includes the fix for the `gsm cleanup mux` use-after-free vulnerability. As a temporary workaround, consider restricting access to the `ioctl` function to minimize the risk of exploitation. Additionally, ensure that the `gsm tx lock` is properly used to protect against the use-after-free condition.