In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix a potential use-after-free in bpflinkfree()
After commit 1a80dbcb2dba, bpflink can be freed by link->ops->deallocdeferred, but the code still tests and uses link->ops->dealloc afterward, which leads to a use-after-free as reported by syzbot. Actually, one of them should be sufficient, so just call one of them instead of both. Also add a WARN_ON() in case of any problematic implementation.