| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20151018025733.GK2678@thunk.org> Date: Sat, 17 Oct 2015 22:57:33 -0400 From: Theodore Ts'o <tytso@....edu> To: Andreas Dilger <adilger@...ger.ca> Cc: Lukáš Czerner <lczerner@...hat.com>, linux-ext4@...r.kernel.org Subject: Re: [PATCH] ext4: fix potential use after free in __ext4_journal_stop On Mon, Oct 05, 2015 at 01:20:52PM -0600, Andreas Dilger wrote: > > On Oct 5, 2015, at 8:18 AM, Lukáš Czerner <lczerner@...hat.com> wrote: > > On Wed, 2 Sep 2015, Lukas Czerner wrote: > > > >> Date: Wed, 2 Sep 2015 16:45:54 +0200 > >> From: Lukas Czerner <lczerner@...hat.com> > >> To: linux-ext4@...r.kernel.org > >> Cc: Lukas Czerner <lczerner@...hat.com> > >> Subject: [PATCH] ext4: fix potential use after free in __ext4_journal_stop > >> > >> There is a use-after-free possibility in __ext4_journal_stop() in the > >> case that we free the handle in the first jbd2_journal_stop() because > >> we're referencing handle->h_err afterwards. This was introduced in > >> 9705acd63b125dee8b15c705216d7186daea4625 and it is wrong. Fix it by > >> storing the handle->h_err value beforehand and avoid referencing > >> potentially freed handle. > > > > ping > >> > >> Signed-off-by: Lukas Czerner <lczerner@...hat.com> > > Reviewed-by: Andreas Dilger <adilger@...ger.ca> Applied, thanks. - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists