lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20160307.145406.188091362181073486.davem@davemloft.net>
Date:	Mon, 07 Mar 2016 14:54:06 -0500 (EST)
From:	David Miller <davem@...emloft.net>
To:	andreyknvl@...il.com
Cc:	torvalds@...ux-foundation.org, bjorn@...k.no, oneukum@...e.com,
	dvyukov@...gle.com, glider@...gle.com, kcc@...gle.com,
	gregkh@...uxfoundation.org, linux-usb@...r.kernel.org,
	netdev@...r.kernel.org
Subject: Re: Possible double-free in the usbnet driver

From: Andrey Konovalov <andreyknvl@...il.com>
Date: Mon, 7 Mar 2016 22:50:41 +0300

> On Mon, Mar 7, 2016 at 10:11 PM, David Miller <davem@...emloft.net> wrote:
>> From: Linus Torvalds <torvalds@...ux-foundation.org>
>> Date: Mon, 7 Mar 2016 10:13:09 -0800
>>
>>> On Sat, Mar 5, 2016 at 11:53 AM, Bjørn Mork <bjorn@...k.no> wrote:
>>>>
>>>>
>>>> Definitely.  The patch is so obviously correct that we can only wonder how it was possible to miss it it the first place :)
>>>>
>>>> Will take a look to see if we could do a better job cleaning up in other places.
>>>
>>> What should I do for 4.5? Will there be a pull request for this, or
>>> should I just commit my cdc_ncm_bind() patch directly?
>>
>> Yes I plan to send you a pull request today with Oliver's fix.
>>
>> Assuming this is what you guys are referring to:
>>
>> commit 1666984c8625b3db19a9abc298931d35ab7bc64b
>> Author: Oliver Neukum <oneukum@...e.com>
>> Date:   Mon Mar 7 11:31:10 2016 +0100
>>
>>     usbnet: cleanup after bind() in probe()
>>
>>     In case bind() works, but a later error forces bailing
>>     in probe() in error cases work and a timer may be scheduled.
>>     They must be killed. This fixes an error case related to
>>     the double free reported in
>>     http://www.spinics.net/lists/netdev/msg367669.html
>>     and needs to go on top of Linus' fix to cdc-ncm.
>>
>>     Signed-off-by: Oliver Neukum <ONeukum@...e.com>
>>     Signed-off-by: David S. Miller <davem@...emloft.net>
> 
> Could you also add:
> Reported-by: Andrey Konovalov <andreyknvl@...il.com>
> ?

Sorry it's already committed to my tree and I can't redo the commit message
once that happens since my tree has static history.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ