lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20210120125202.2187358-1-mkl@pengutronix.de>
Date:   Wed, 20 Jan 2021 13:51:59 +0100
From:   Marc Kleine-Budde <mkl@...gutronix.de>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, kuba@...nel.org, linux-can@...r.kernel.org,
        kernel@...gutronix.de
Subject: pull-request: can 2021-01-20

Hello Jakub, hello David,

this is a pull request of 3 patches for net/master.

All three patches are by Vincent Mailhol and fix a potential use after free bug
in the CAN device infrastructure, the vxcan driver, and the peak_usk driver. In
the TX-path the skb is used to read from after it was passed to the networking
stack with netif_rx_ni().

Note: Patch 1/3 touches "drivers/net/can/dev.c". In net-next/master this file
has been moved to drivers/net/can/dev/dev.c [1] and parts of it have been
transfered into separate files. This may result in a merge conflict. Please
carry this patch forward, the change is rather simple. Drop us a note if
needed. Are any actions needed with regards to linux-next?

[1] 3e77f70e7345 can: dev: move driver related infrastructure into separate subdir

regards,
Marc

---

The following changes since commit 9c30ae8398b0813e237bde387d67a7f74ab2db2d:

  tcp: fix TCP socket rehash stats mis-accounting (2021-01-19 19:47:20 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can.git tags/linux-can-fixes-for-5.11-20210120

for you to fetch changes up to 50aca891d7a554db0901b245167cd653d73aaa71:

  can: peak_usb: fix use after free bugs (2021-01-20 13:33:28 +0100)

----------------------------------------------------------------
linux-can-fixes-for-5.11-20210120

----------------------------------------------------------------
Vincent Mailhol (3):
      can: dev: can_restart: fix use after free bug
      can: vxcan: vxcan_xmit: fix use after free bug
      can: peak_usb: fix use after free bugs

 drivers/net/can/dev.c                      | 4 ++--
 drivers/net/can/usb/peak_usb/pcan_usb_fd.c | 8 ++++----
 drivers/net/can/vxcan.c                    | 6 ++++--
 3 files changed, 10 insertions(+), 8 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ