jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
Published April 8, 2022.
Redhat Enterprise Linux
Fedoraproject Fedora
Linux Linux Kernel
