A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc component can be exploited to achieve local privilege escalation.If a class with a link-sharing curve has a parent without a link-sharing curve, then init_vf will call vttree_insert on the parent, but vttree_remove will be skipped in update_vf. This leaves a dangling pointer that can cause a use-after-free.We recommend upgr ...