On 14.10.2024 16:38:03, Ignat Korchagin wrote: > On error can_create() frees the allocated sk object, but sock_init_data() > has already attached it to the provided sock object. This will leave a > dangling sk pointer in the sock object and may cause use-after-free later. > > Signed-off-by: Ignat Korchagin <ignat@xxxxxxxxxxxxxx> > Reviewed-by: Vincent Mailhol <mailhol.vincent@xxxxxxxxxx> Reviewed-by: Marc Kleine-Budde <mkl@xxxxxxxxxxxxxx> regards, Marc -- Pengutronix e.K. | Marc Kleine-Budde | Embedded Linux | https://www.pengutronix.de | Vertretung Nürnberg | Phone: +49-5121-206917-129 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-9 |
Attachment:
signature.asc
Description: PGP signature
