lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Sat, 17 Oct 2015 22:57:33 -0400
From:	Theodore Ts'o <tytso@....edu>
To:	Andreas Dilger <adilger@...ger.ca>
Cc:	Lukáš Czerner <lczerner@...hat.com>,
	linux-ext4@...r.kernel.org
Subject: Re: [PATCH] ext4: fix potential use after free in __ext4_journal_stop

On Mon, Oct 05, 2015 at 01:20:52PM -0600, Andreas Dilger wrote:
> > On Oct 5, 2015, at 8:18 AM, Lukáš Czerner <lczerner@...hat.com> wrote:
> > On Wed, 2 Sep 2015, Lukas Czerner wrote:
> > 
> >> Date: Wed,  2 Sep 2015 16:45:54 +0200
> >> From: Lukas Czerner <lczerner@...hat.com>
> >> To: linux-ext4@...r.kernel.org
> >> Cc: Lukas Czerner <lczerner@...hat.com>
> >> Subject: [PATCH] ext4: fix potential use after free in __ext4_journal_stop
> >> 
> >> There is a use-after-free possibility in __ext4_journal_stop() in the
> >> case that we free the handle in the first jbd2_journal_stop() because
> >> we're referencing handle->h_err afterwards. This was introduced in
> >> 9705acd63b125dee8b15c705216d7186daea4625 and it is wrong. Fix it by
> >> storing the handle->h_err value beforehand and avoid referencing
> >> potentially freed handle.
> > 
> > ping
> >> 
> >> Signed-off-by: Lukas Czerner <lczerner@...hat.com>
> 
> Reviewed-by: Andreas Dilger <adilger@...ger.ca>

Applied, thanks.

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists