| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Feb 2017 09:28:57 +0100 From: Oliver Hartkopp <socketcan@...tkopp.net> To: David Miller <davem@...emloft.net>, gregkh@...uxfoundation.org Cc: stable@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [PATCH v3] can: Fix kernel panic at security_sock_rcv_skb Hello Dave, Greg, On 01/30/2017 12:34 AM, David Miller wrote: > From: Eric Dumazet <eric.dumazet@...il.com> > Date: Fri, 27 Jan 2017 08:11:44 -0800 > >> From: Eric Dumazet <edumazet@...gle.com> >> >> Zhang Yanmin reported crashes [1] and provided a patch adding a >> synchronize_rcu() call in can_rx_unregister() >> >> The main problem seems that the sockets themselves are not RCU >> protected. >> >> If CAN uses RCU for delivery, then sockets should be freed only after >> one RCU grace period. >> >> Recent kernels could use sock_set_flag(sk, SOCK_RCU_FREE), but let's >> ease stable backports with the following fix instead. > ... >> Reported-by: Zhang Yanmin <yanmin.zhang@...el.com> >> Signed-off-by: Eric Dumazet <edumazet@...gle.com> > > Applied and queued up for -stable, thanks Eric. > can you please check whether this upstream commit https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f1712c73714088a7252d276a57126d56c7d37e64 really was queued up for -stable? This commit https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a06393ed03167771246c4c43192d9c264bc48412 was posted later and already got into the 4.4 and 4.9 stable trees. Best regards, Oliver
Powered by blists - more mailing lists