Tglx

**Name of the Vulnerable Software and Affected Versions** Linux kernel (affected versions not specified) **Description** An issue exists in the `remove waiter()` function within the rtmutex component. The function incorrectly uses the `current` task instead of `waiter::task` during dequeue operations. This occurs specifically during proxy-lock rollback in `rt mutex start proxy lock()` when called from `futex requeue()`, where `waiter::task` is not the current task. This leads to the rbtree dequeue occurring without the `waiter::task::pi lock` being held, the `pi blocked on` state of the waiter task remaining uncleared (creating a dangling pointer that may lead to Use-After-Free), and the `rt mutex adjust prio chain()` function operating on the incorrect top priority waiter task. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.