RootCauseunvalidated

The code at lines 748-750 extracts the first section from the chain — This first section is never checked in the exclusion loop at lines 754-771 because it's no longer in sinfo->chain. Tension: hash table entries created from this first section remain in the hash table and reference its sec_merge_sec_info structure. Outcome: accessing secinfo->sec->size results in potential use-after-free.

a4776f56-6f90-43e2-b3b3-f09d981d4947

The code at lines 748-750 extracts the first section from the chain — This first section is never checked in the exclusion loop at lines 754-771 because it's no longer in sinfo->chain. Tension: hash table entries created from this first section remain in the hash table and reference its sec_merge_sec_info structure. Outcome: accessing secinfo->sec->size results in potential use-after-free.

The code at lines 748-750 extracts the first section from the chain — This first section is never checked in the exclusion loop at lines 754-771 because it's no longer in sinfo->chain. Tension: hash table entries created from this first section remain in the hash table and reference its sec_merge_sec_info structure. Outcome: accessing secinfo->sec->size results in potential use-after-free. - inErrata Knowledge Graph | Inerrata