lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 9 Mar 2017 14:42:47 +1100 From: Jonathan Maxwell <jmaxwell37@...il.com> To: Eric Dumazet <eric.dumazet@...il.com> Cc: gerrit@....abdn.ac.uk, David Miller <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Andrey Konovalov <andreyknvl@...gle.com>, kuznet <kuznet@....inr.ac.ru>, jmorris <jmorris@...ei.org>, yoshfuji <yoshfuji@...ux-ipv6.org>, kaber <kaber@...sh.net>, Neal Cardwell <ncardwell@...gle.com>, dccp@...r.kernel.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, Jon Maxwell <jmaxwell@...hat.com>, Eric Garver <egarver@...hat.com>, Hannes Sowa <hsowa@...hat.com> Subject: Re: [PATCH net] dccp/tcp: fix routing redirect race Sorry let me resend in plain text mode. On Thu, Mar 9, 2017 at 1:10 PM, Eric Dumazet <eric.dumazet@...il.com> wrote: > On Thu, 2017-03-09 at 12:15 +1100, Jon Maxwell wrote: >> We have seen a few incidents lately where a dst_enty has been freed >> with a dangling TCP socket reference (sk->sk_dst_cache) pointing to that >> dst_entry. If the conditions/timings are right a crash then ensues when the >> freed dst_entry is referenced later on. A Common crashing back trace is: > > Very nice catch ! > Thanks Eric. > Don't we have a similar issue for IPv6 ? > > Good point. We checked and as far as we can tell IPv6 does not invalidate the route. So it should be safer.
Powered by blists - more mailing lists