Fixed
Created: Feb 14, 2019
Updated: Mar 27, 2019
Resolved Date: Mar 12, 2019
Found In Version: 10.17.41.1
Fix Version: 10.17.41.15
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Kernel
A use after free issue was found in the way Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvm_ioctl_create_device(), device holds a reference to a VM object, latter this reference is transferred to caller's file descriptor table. If such file descriptor was to be closed, reference count to the VM object could become zero, potentially leading to use-after-free issue latter.
https://nvd.nist.gov/vuln/detail/CVE-2019-6974