Hello. This bug is the same bug that is mentioned in https://lore.kernel.org/all/20231211135949.689204-1-syoshida@xxxxxxxxxx/. And I also reproduced it with repro.c in https://lore.kernel.org/all/CABOYnLxaHBEaSRaEU+kDsHF8a=9AokO1ZUEVtpeT9ddL8giw3A@xxxxxxxxxxxxxx/ also see in https://gist.github.com/xrivendell7/b10745f297bd2d12a2e48155920996d2 and also a simple root cause analysis. The incorrect logic of unlock_free label can really cause security issue like KASAN: double-free in af_alg_free_sg KASAN: slab-use-after-free in af_alg_free_sg KASAN: slab-use-after-free Read in hash_sock_destruct and it needs a quick fix. I hope it helps. Best regards. xingwei Lee
