| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20170803192354.GA1598@kroah.com>
Date: Thu, 3 Aug 2017 12:23:54 -0700
From: Greg KH <gregkh@...uxfoundation.org>
To: Nick Desaulniers <ndesaulniers@...gle.com>
Cc: hare@...e.de, jthumshirn@...e.de, hch@....de, salyzyn@...gle.com,
Robb Glasser <rglasser@...gle.com>,
Doug Gilbert <dgilbert@...erlog.com>,
"James E.J. Bottomley" <jejb@...ux.vnet.ibm.com>,
"Martin K. Petersen" <martin.petersen@...cle.com>,
linux-scsi@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] scsi: sg: Prevent potential double frees in sg driver
On Thu, Aug 03, 2017 at 12:02:47PM -0700, Nick Desaulniers wrote:
> From: Robb Glasser <rglasser@...gle.com>
>
> sg_ioctl could be spammed by requests, leading to a double free in
> __free_pages. This protects the entry points of sg_ioctl where the
> memory could be corrupted by a double call to __free_pages if multiple
> requests are happening concurrently.
>
> Signed-off-by: Robb Glasser <rglasser@...gle.com>
> Signed-off-by: Nick Desaulniers <ndesaulniers@...gle.com>
> ---
> drivers/scsi/sg.c | 2 ++
> 1 file changed, 2 insertions(+)
Why no one on the to: line?
And do you want this in the stable kernel trees? If so, please read:
https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
for how to do this properly.
thanks,
greg k-h
Powered by blists - more mailing lists