lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Feb 2022 10:47:44 +0800 (GMT+08:00) From: 周多明 <duoming@....edu.cn> To: "Jakub Kicinski" <kuba@...nel.org> Cc: linux-hams@...r.kernel.org, ajk@...nets.uni-bremen.de, davem@...emloft.net, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: Re: [PATCH] drivers: hamradio: 6pack: fix UAF bug caused by mod_timer() Hello, Thank you very much for your time and pointing out problems in my patch. I have sent the modified patch again just now. We use pty to simulate 6pack device, the released resource is tty_struct->tty_port in tty layer. The free trace is shown as below: tty_release()->tty_release_struct()->release_tty()->tty_kref_put()-> queue_release_one_tty()->release_one_tty()->pty_cleanup()->tty_port_put(tty->port); The use trace is shown as below: sp_xmit_on_air()->pty_write()->tty_flip_buffer_push()->tty_schedule_flip(port); Best wishes, Duoming Zhou
Powered by blists - more mailing lists