lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6c550cbe2e1f22c18efd6dada81966bbb5269eaf.camel@iki.fi>
Date: Sat, 15 Nov 2025 16:25:14 +0200
From: Pauli Virtanen <pav@....fi>
To: c Z <rollkingzzc@...il.com>
Cc: linux-bluetooth@...r.kernel.org, Luiz Augusto von Dentz
	 <luiz.dentz@...il.com>, linux-kernel@...r.kernel.org
Subject: Re: [RFC] Bluetooth: SCO: make locking more systematic and fix
 missing locks

Hi,

pe, 2025-11-14 kello 01:37 +0800, c Z kirjoitti:
> Hi
> maintainers,
> 
> I’m the original reporter of the SCO UAF issue,
> but I’m writing from a different email address now because my previous
> mailbox is having some issues.
> 
> Could you please let me know
> whether this patch (or series) is currently considered to fully fix
> the reported UAF, or if further changes are expected?

To my knowledge
https://lore.kernel.org/linux-bluetooth/9ca502845fc793f3f76c02aef316a273d3b6929c.1762026583.git.pav@iki.fi/T/#u
should fix the issue.

It's RFC patch though, I'm waiting for feedback from you as I don't
have a reproducer for the issue, and Luiz if we want to go this heavy
on lockdep / sparse.

-- 
Pauli Virtanen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ