lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CALbr=LZvZJn=Qoyfsr=m-_eCJYwRafmdXV+TAUQSib4H0j27rA@mail.gmail.com>
Date: Tue, 16 Dec 2025 15:31:43 +0800
From: Gui-Dong Han <hanguidong02@...il.com>
To: ioana.ciornei@....com
Cc: linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org, 
	baijiaju1990@...il.com, stable@...r.kernel.org
Subject: Re: [PATCH] bus: fsl-mc: fix use-after-free in driver_override_show()

Hi Ioana,

This is a gentle ping regarding the patch above.

I understand you are likely very busy, but I wanted to check if this
might have been missed.

For additional context, I have audited the kernel subsystems that
implement the driver_override attribute. Out of the 11 buses that use
this feature, 10 already hold the device lock during the show
operation to prevent the use-after-free race.

It appears that fsl-mc is currently the only remaining subsystem that
does not have this protection. It would be great to align it with the
rest of the kernel to close this gap.

Please let me know if there are any concerns or if any changes are needed.

Thanks,
Gui-Dong Han

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ