| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Jun 2012 04:53:29 +0100
From: Ben Hutchings <ben@...adent.org.uk>
To: Keng-Yu Lin <kengyu@...onical.com>
Cc: stable@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
wwang <wei_wang@...lsil.com.cn>,
Hitoshi NAKAMORI <hitoshi.nakamori@...il.com>,
devel@...verdev.osuosl.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 3.2.y 3.3.y] staging:rts_pstor:Fix possible panic by
NULL pointer dereference
On Thu, 2012-06-21 at 16:18 +0800, Keng-Yu Lin wrote:
> From: wwang <wei_wang@...lsil.com.cn>
>
> commit 0d05568ac79bfc595f1eadc3e0fd7a20a45f7b69 upstream.
>
> rtsx_transport.c (rtsx_transfer_sglist_adma_partial):
> pointer struct scatterlist *sg, which is mapped in dma_map_sg,
> is used as an iterator in later transfer operation. It is corrupted and
> passed to dma_unmap_sg, thus causing fatal unmap of some erroneous address.
> Fix it by duplicating *sg_ptr for iterating.
[...]
Added to the queue for 3.2, thanks.
Ben.
--
Ben Hutchings
Every program is either trivial or else contains at least one bug
Download attachment "signature.asc" of type "application/pgp-signature" (829 bytes)
Powered by blists - more mailing lists