| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <TYCP286MB1188FABA20A0F8F3C6498E538A8E9@TYCP286MB1188.JPNP286.PROD.OUTLOOK.COM>
Date: Fri, 5 Nov 2021 07:07:42 +0000
From: YE Chengfeng <cyeaa@...nect.ust.hk>
To: "stefanr@...6.in-berlin.de" <stefanr@...6.in-berlin.de>,
"linux1394-devel@...ts.sourceforge.net"
<linux1394-devel@...ts.sourceforge.net>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: firewire: suspected uaf issue
Hi,
We notice that after client_put(client); at #line 1316, client is dereferenced l(e.g., #line 1318), and we don't see any client_get(client) like statement before clientt_put(client). Could it be a uaf issue?
https://github.com/torvalds/linux/blob/master/drivers/firewire/core-cdev.c#L1316
Best regards.
Chengfeng
Powered by blists - more mailing lists