Google: >> Chrome Os >> 15474.84.0 Security Vulnerabilities
A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structure
during an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a dangling pointer and potential kernel code execution.
CVSS Score
8.1
EPSS Score
0.001
Published
2025-04-17