Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structure during an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a dangling pointer and potential kernel code execution.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Google ChromeOS Kernel 安全漏洞
Vulnerability Description
Google ChromeOS Kernel是美国谷歌(Google)公司的一个操作系统核心。 Google ChromeOS Kernel 5.4存在安全漏洞,该漏洞源于virtio_transport_space_update函数存在竞争条件释放后重用漏洞,可能导致内核代码执行。
CVSS Information
N/A
Vulnerability Type
N/A