lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220706190237.477f24ee@kernel.org> Date: Wed, 6 Jul 2022 19:02:37 -0700 From: Jakub Kicinski <kuba@...nel.org> To: Duoming Zhou <duoming@....edu.cn> Cc: linux-hams@...r.kernel.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, ralf@...ux-mips.org, davem@...emloft.net, edumazet@...gle.com, pabeni@...hat.com Subject: Re: [PATCH net v2] net: rose: fix UAF bug caused by rose_t0timer_expiry On Tue, 5 Jul 2022 20:56:10 +0800 Duoming Zhou wrote: > + del_timer_sync(&rose_neigh->t0timer); /** * del_timer_sync - deactivate a timer and wait for the handler to finish. [...] * Synchronization rules: Callers must prevent restarting of the timer, * otherwise this function is meaningless. how is the restarting prevented? If I'm looking right rose_t0timer_expiry() rearms the timer.
Powered by blists - more mailing lists