[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJedcCz1ynutATi9qev1t3-moXti_19ZJSzgC2t-5q4JAYG3dw@mail.gmail.com>
Date: Sun, 16 Jul 2023 10:11:13 +0800
From: Zheng Hacker <hackerzheng666@...il.com>
To: Sergey Shtylyov <s.shtylyov@....ru>
Cc: Lee Jones <lee@...nel.org>, Jakub Kicinski <kuba@...nel.org>,
Zheng Wang <zyytlz.wz@....com>, davem@...emloft.net,
linyunsheng@...wei.com, edumazet@...gle.com, pabeni@...hat.com,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
1395428693sheep@...il.com, alex000young@...il.com
Subject: Re: [PATCH net v3] net: ravb: Fix possible UAF bug in ravb_remove
Hello,
This bug is found by static analysis. I'm sorry that my friends apply
for a CVE number before we really fix it. We made a list about the
bugs we have submitted and wouldn't disclose them before the fix. But
we had a inconsistent situation last month. And we applied it by
mistake foe we thought we had fixed it. And so sorry about my late
reply, I'll see the patch right now.
Best regards,
Zheng Wang
Sergey Shtylyov <s.shtylyov@....ru> 于2023年7月16日周日 04:48写道:
>
> On 7/15/23 7:07 PM, Zheng Hacker wrote:
>
> > Sorry for my late reply. I'll see what I can do later.
>
> That's good to hear!
> Because I'm now only able to look at it during weekends...
>
> > Lee Jones <lee@...nel.org> 于2023年7月12日周三 19:56写道:
> >>
> >> On Mon, 10 Jul 2023, Jakub Kicinski wrote:
> >>
> >>> On Mon, 10 Jul 2023 12:42:53 +0100 Lee Jones wrote:
> >>>> For better or worse, it looks like this issue was assigned a CVE.
> >>>
> >>> Ugh, what a joke.
> >>
> >> I think that's putting it politely. :)
> >>
> >> --
> >> Lee Jones [李琼斯]
>
> MBR, Sergey
Powered by blists - more mailing lists