CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> arch_topology: Avoid use-after-free for scale_freq_data<br /> <br /> Currently topology_scale_freq_tick() (which gets called from<br /> scheduler_tick()) may end up using a pointer to "struct<br /> scale_freq_data", which was previously cleared by<br /> topology_clear_scale_freq_source(), as there is no protection in place<br /> here. The users of topology_clear_scale_freq_source() though needs a<br /> guarantee that the previously cleared scale_freq_data isn&amp;#39;t used<br /> anymore, so they can free the related resources.<br /> <br /> Since topology_scale_freq_tick() is called from scheduler tick, we don&amp;#39;t<br /> want to add locking in there. Use the RCU update mechanism instead<br /> (which is already used by the scheduler&amp;#39;s utilization update path) to<br /> guarantee race free updates here.<br /> <br /> synchronize_rcu() makes sure that all RCU critical sections that started<br /> before it is called, will finish before it returns. And so the callers<br /> of topology_clear_scale_freq_source() don&amp;#39;t need to worry about their<br /> callback getting called anymore.