lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <aGnodC+JgY8wI9xc@pop-os.localdomain> Date: Sat, 5 Jul 2025 20:07:32 -0700 From: Cong Wang <xiyou.wangcong@...il.com> To: Xiang Mei <xmei5@....edu> Cc: netdev@...r.kernel.org, gregkh@...uxfoundation.org, jhs@...atatu.com, jiri@...nulli.us, security@...nel.org Subject: Re: [PATCH v3] net/sched: sch_qfq: Fix null-deref in agg_dequeue On Sat, Jul 05, 2025 at 02:21:43PM -0700, Xiang Mei wrote: > To prevent a potential crash in agg_dequeue (net/sched/sch_qfq.c) > when cl->qdisc->ops->peek(cl->qdisc) returns NULL, we check the return > value before using it, similar to the existing approach in sch_hfsc.c. > > To avoid code duplication, the following changes are made: > > 1. Changed qdisc_warn_nonwc(include/net/pkt_sched.h) into a static > inline function. > > 2. Moved qdisc_peek_len from net/sched/sch_hfsc.c to > include/net/pkt_sched.h so that sch_qfq can reuse it. > > 3. Applied qdisc_peek_len in agg_dequeue to avoid crashing. > > Signed-off-by: Xiang Mei <xmei5@....edu> Fixes: 462dbc9101ac ("pkt_sched: QFQ Plus: fair-queueing service at DRR cost") Reviewed-by: Cong Wang <xiyou.wangcong@...il.com> Thanks!
Powered by blists - more mailing lists