lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <YQUDsiFItvqsVxdz@kroah.com>
Date:   Sat, 31 Jul 2021 10:02:58 +0200
From:   Greg KH <greg@...ah.com>
To:     Kalle Valo <kvalo@...eaurora.org>
Cc:     Nguyen Dinh Phi <phind.uet@...il.com>, johannes@...solutions.net,
        davem@...emloft.net, kuba@...nel.org, netdev@...r.kernel.org,
        linux-wireless@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH V2] cfg80211: Fix possible memory leak in function
 cfg80211_bss_update

On Sat, Jul 31, 2021 at 10:53:28AM +0300, Kalle Valo wrote:
> Greg KH <greg@...ah.com> writes:
> 
> > On Mon, Jun 28, 2021 at 09:23:34PM +0800, Nguyen Dinh Phi wrote:
> >> When we exceed the limit of BSS entries, this function will free the
> >> new entry, however, at this time, it is the last door to access the
> >> inputed ies, so these ies will be unreferenced objects and cause memory
> >> leak.
> >> Therefore we should free its ies before deallocating the new entry, beside
> >> of dropping it from hidden_list.
> >> 
> >> Signed-off-by: Nguyen Dinh Phi <phind.uet@...il.com>
> 
> [...]
> 
> > Did this change get lost somewhere?
> 
> Johannes applied it to the macc80211 tree:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=f9a5c358c8d26fed0cc45f2afc64633d4ba21dff
> 
> Ah, and it's already in Linus' tree as well.

Ah, thanks, I had missed that it just landed there.

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ