| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1368477007-25274-1-git-send-email-joern@logfs.org> Date: Mon, 13 May 2013 16:30:04 -0400 From: Joern Engel <joern@...fs.org> To: linux-kernel@...r.kernel.org Cc: "Nicholas A. Bellinger" <nab@...ux-iscsi.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, target-devel <target-devel@...r.kernel.org>, Joern Engel <joern@...fs.org> Subject: [PATCH 0/3] target: Fix two races leading to use-after-free In our testing we've encountered use-after-free bugs, usually in the shape of double list_del, at a rate of 2-10 per week. Patches 2 and 3 fix two races that can both lead to use-after-free and after applying both of those patches, we have been bug-free for some weeks now. Patch 1 is an unrelated trivial cleanup. I just happened to spot it while I was in the area. Joern Engel (3): target: removed unused transport_state flag target: close target_put_sess_cmd() vs. core_tmr_abort_task() race v5 target: simplify target_wait_for_sess_cmds() drivers/infiniband/ulp/srpt/ib_srpt.c | 2 +- drivers/scsi/qla2xxx/tcm_qla2xxx.c | 2 +- drivers/target/target_core_transport.c | 73 +++++++++----------------------- include/linux/kref.h | 33 +++++++++++++++ include/target/target_core_base.h | 3 -- include/target/target_core_fabric.h | 2 +- 6 files changed, 57 insertions(+), 58 deletions(-) -- 1.7.10.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists