| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 24 Feb 2023 10:55:08 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Hangyu Hua <hbh25y@...il.com>
Cc: Florian Westphal <fw@...len.de>, borisp@...dia.com,
john.fastabend@...il.com, davem@...emloft.net, edumazet@...gle.com,
pabeni@...hat.com, davejwatson@...com, aviadye@...lanox.com,
ilyal@...lanox.com, sd@...asysnail.net, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: tls: fix possible race condition between
do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
On Fri, 24 Feb 2023 13:06:06 +0100 Florian Westphal wrote:
> Hangyu Hua <hbh25y@...il.com> wrote:
> > ctx->crypto_send.info is not protected by lock_sock in
> > do_tls_getsockopt_conf(). A race condition between do_tls_getsockopt_conf()
> > and do_tls_setsockopt_conf() can cause a NULL point dereference or
> > use-after-free read when memcpy.
>
> Its good practice to quote the relevant parts of the splat here.
Right, the bug and the fix seem completely bogus.
Please make sure the bugs are real and the fixes you sent actually
fix them.
Powered by blists - more mailing lists