lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Dec 2019 21:59:30 -0800 (PST) From: David Miller <davem@...emloft.net> To: marcelo.leitner@...il.com Cc: netdev@...r.kernel.org, lucien.xin@...il.com, kent.overstreet@...il.com, nhorman@...driver.com, linux-sctp@...r.kernel.org Subject: Re: [PATCH net] sctp: fix memleak on err handling of stream initialization From: Marcelo Ricardo Leitner <marcelo.leitner@...il.com> Date: Mon, 16 Dec 2019 22:01:16 -0300 > syzbot reported a memory leak when an allocation fails within > genradix_prealloc() for output streams. That's because > genradix_prealloc() leaves initialized members initialized when the > issue happens and SCTP stack will abort the current initialization but > without cleaning up such members. > > The fix here is to always call genradix_free() when genradix_prealloc() > fails, for output and also input streams, as it suffers from the same > issue. > > Reported-by: syzbot+772d9e36c490b18d51d1@...kaller.appspotmail.com > Fixes: 2075e50caf5e ("sctp: convert to genradix") > Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@...il.com> Applied and queued up for -stable.
Powered by blists - more mailing lists