| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20151209150356.GA3886@mrl.redhat.com> Date: Wed, 9 Dec 2015 13:03:56 -0200 From: Marcelo Ricardo Leitner <marcelo.leitner@...il.com> To: Dmitry Vyukov <dvyukov@...gle.com> Cc: Vlad Yasevich <vyasevich@...il.com>, netdev <netdev@...r.kernel.org>, Eric Dumazet <eric.dumazet@...il.com>, syzkaller <syzkaller@...glegroups.com>, linux-sctp@...r.kernel.org, Kostya Serebryany <kcc@...gle.com>, Alexander Potapenko <glider@...gle.com>, Sasha Levin <sasha.levin@...cle.com> Subject: Re: use-after-free in sctp_do_sm On Wed, Dec 09, 2015 at 03:41:29PM +0100, Dmitry Vyukov wrote: > On Tue, Dec 8, 2015 at 8:22 PM, Dmitry Vyukov <dvyukov@...gle.com> wrote: > > On Tue, Dec 8, 2015 at 6:40 PM, Marcelo Ricardo Leitner > > <marcelo.leitner@...il.com> wrote: ... > >> The patches were combined already, but this last pick by Vlad is just > >> not yet patched. It's not necessary for your testing and I didn't want > >> to interrupt it in case you were already testing it. > >> > >> You can use my last patch here, from 2 emails ago, the one which > >> contains this line: > >> - case SCTP_DISPOSITION_ABORT: > > > > > > You are right. I missed that they are combined. Testing with it now. > > > > > Use-after-free still happens. > I am on commit aa53685549a2cfb5f175b0c4a20bc9aa1e5a1b85 (Dec 8) plus > the following sctp-related changes: Changes are fine. Ugh. Ok, I'll try your new reproducer here. Marcelo -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists