tags:race_conditionuaflinuxlpekernelrcu original link: Deep Dive into RCU Race Condition: Analysis of TCP-AO UAF (CVE-2024–27394) newsletter link: exploits.club Weekly Newsletter 38 - Linux Races, Blind Memory Corruption, LLM Java Fuzzing, and More
Exploits Club Summary:
A new post out of Theori this week walks through a different Linux race-condition leading to UAF. The bug happens during the TCP Authentication Option connection initiation and stems from improper usage of the Read-Copy-Update API (which the post covers at length). To reliably win the race, the team leveraged ExpRace, which was initially presented at USENIX ‘21.