In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-03-27T00:00:00

Updated: 2024-08-02T05:32:46.360Z

Reserved: 2023-02-27T00:00:00

Link: CVE-2023-1077

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-03-27T21:15:10.467

Modified: 2024-11-21T07:38:24.903

Link: CVE-2023-1077

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-02-06T00:00:00Z

Links: CVE-2023-1077 - Bugzilla