A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmdcfgpkts() function improperly updates the refcnt on struct net_device
, and a use-after-free can be triggered by racing between the free on the struct and the access through the skbtxq
global queue. This could lead to a denial of service condition or potential code execution.