Re: [PATCH] dccp: don't duplicate ccid when cloning dccp sock

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello:

This patch was applied to netdev/net.git (refs/heads/master):

On Wed, 8 Sep 2021 03:40:59 +0000 you wrote:
> Commit 2677d2067731 ("dccp: don't free ccid2_hc_tx_sock ...") fixed
> a UAF but reintroduced CVE-2017-6074.
> 
> When the sock is cloned, two dccps_hc_tx_ccid will reference to the
> same ccid. So one can free the ccid object twice from two socks after
> cloning.
> 
> [...]

Here is the summary with links:
  - dccp: don't duplicate ccid when cloning dccp sock
    https://git.kernel.org/netdev/net/c/d9ea761fdd19

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
[Index of Archives]     [Linux Kernel]     [IETF DCCP]     [Linux Networking]     [Git]     [Security]     [Linux Assembly]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux