On Thu, Jun 03, 2021 at 11:30:08AM -0700, SyzScope wrote:
> Hi developers,
>
> Besides the control flow hijacking primitive we sent before, we managed to
> discover an additional double free primitive in this bug, making this bug
> even more dangerous.
>
> We created a web page with detailed descriptions: https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-hci_chan_del
>
> We understand that creating a patch can be time-consuming and there is
> probably a long list of bugs pending fixes. We hope that our security
> analysis can enable an informed decision on which bugs to fix first
> (prioritization).
>
> Since the bug has been on syzbot for over ten months (first found on
> 08-03-2020 and still can be triggered on 05-08-2021), it is best to have the
> bug fixed early enough to avoid it being weaponized.

Wonderful, please help out by sending a fix for this.

thanks,

greg k-h