lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Nov 2022 15:53:13 +0800 From: YueHaibing <yuehaibing@...wei.com> To: Paolo Abeni <pabeni@...hat.com>, <davem@...emloft.net>, <edumazet@...gle.com>, <kuba@...nel.org>, <arvid.brodin@...en.se> CC: <netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org> Subject: Re: [PATCH net] net: hsr: Fix potential use-after-free On 2022/11/24 16:53, Paolo Abeni wrote: > Hello, > > On Wed, 2022-11-23 at 14:30 +0800, YueHaibing wrote: >> The skb is delivered to netif_rx() which may free it, after calling this, >> dereferencing skb may trigger use-after-free. >> >> Fixes: f266a683a480 ("net/hsr: Better frame dispatch") >> Signed-off-by: YueHaibing <yuehaibing@...wei.com> > > The code looks good, but the above is not the commit introducing the > issue, it just move the netif_rx() and later skb access from somewhere > else. > > Please go deeper in git history and find the change that originated the> issue. Ok, will dig it. > > Thanks, > > Paolo > > . >
Powered by blists - more mailing lists