>> Now sctp uses the transport without holding it in sctp_hash_cmp, >> it can cause a use-after-free panic. As after it get transport from >> hashtable, another CPU may free it, then the members it accesses >> may be unavailable memory. > > How old is this bug? I think since: $ git describe 33c1529 v4.4-rc7-1158-g33c1529 > Is it in any release kernels? > yes it was found in s390x, we could not reproduce it in x86_64 by now. Maybe it needs low configuration cpu to reproduce. -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
