lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 6 May 2020 04:14:49 +0000 From: Po Liu <po.liu@....com> To: Dan Carpenter <dan.carpenter@...cle.com>, Claudiu Manoil <claudiu.manoil@....com> CC: "David S. Miller" <davem@...emloft.net>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "kernel-janitors@...r.kernel.org" <kernel-janitors@...r.kernel.org> Subject: RE: [PATCH net-next] enetc: Fix use after free in stream_filter_unref() Hi Dan, > -----Original Message----- > From: Dan Carpenter <dan.carpenter@...cle.com> > Sent: 2020年5月6日 4:47 > To: Claudiu Manoil <claudiu.manoil@....com>; Po Liu <po.liu@....com> > Cc: David S. Miller <davem@...emloft.net>; netdev@...r.kernel.org; > kernel-janitors@...r.kernel.org > Subject: [PATCH net-next] enetc: Fix use after free in > stream_filter_unref() > > > This code frees "sfi" and then dereferences it on the next line. > > Fixes: 888ae5a3952b ("net: enetc: add tc flower psfp offload driver") > Signed-off-by: Dan Carpenter <dan.carpenter@...cle.com> > --- > drivers/net/ethernet/freescale/enetc/enetc_qos.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/net/ethernet/freescale/enetc/enetc_qos.c > b/drivers/net/ethernet/freescale/enetc/enetc_qos.c > index 48e589e9d0f7c..10d79eb46c2e8 100644 > --- a/drivers/net/ethernet/freescale/enetc/enetc_qos.c > +++ b/drivers/net/ethernet/freescale/enetc/enetc_qos.c > @@ -902,8 +902,8 @@ static void stream_filter_unref(struct > enetc_ndev_priv *priv, u32 index) > if (z) { > enetc_streamfilter_hw_set(priv, sfi, false); > hlist_del(&sfi->node); > - kfree(sfi); > clear_bit(sfi->index, epsfp.psfp_sfi_bitmap); This "sfi->index" should be "index", but the patch is also fix it. > + kfree(sfi); > } > } > > -- > 2.26.2 Thanks a lot. Br, Po Liu
Powered by blists - more mailing lists