lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Y5H9W6KVXhD9bcNT@google.com>
Date:   Thu, 8 Dec 2022 15:06:19 +0000
From:   Lee Jones <lee@...nel.org>
To:     Yang Yingliang <yangyingliang@...wei.com>
Cc:     krzysztof.kozlowski@...onical.com, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mfd: core: fix UAF while using device of node

On Thu, 08 Dec 2022, Yang Yingliang wrote:

> Hi,
> 
> On 2022/11/16 15:41, Yang Yingliang wrote:
> > I got the following UAF report:
> > 
> >    refcount_t: underflow; use-after-free.
> >    WARNING: CPU: 1 PID: 270 at lib/refcount.c:29 refcount_warn_saturate+0x121/0x180
> >    ...
> >    OF: ERROR: memory leak, expected refcount 1 instead of -1073741824,
> >    of_node_get()/of_node_put() unbalanced - destroy cset entry:
> >    attach overlay node /i2c/pmic@...powerkey
> > 
> > The of_node of device assigned in mfd_match_of_node_to_dev() need be
> > get, and it will be put in platform_device_release().
> > 
> > Fixes: 002be8114007 ("mfd: core: Add missing of_node_put for loop iteration")
> > Signed-off-by: Yang Yingliang <yangyingliang@...wei.com>
> Is this patch good or do you have any suggestion ?

Looks okay, but I'm not applying it this late in the cycle.

Please wait until the next merge-window closes.

-- 
Lee Jones [李琼斯]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ