Date: Tue, 28 Feb 2017 17:25:24 +0100 From: Salvatore Bonaccorso <carnil@...ian.org> To: OSS Security Mailinglist <oss-security@...ts.openwall.com> Subject: Linux: packet: fix races in fanout_add() (CVE-2017-6346) Hi CVE-2017-6346 was assigned by MITRE to the following (via https://cveform.mitre.org/): https://git.kernel.org/linus/d199fab63c11998a602205f7ee7ff7c05c97164b > packet: fix races in fanout_add() > > Multiple threads can call fanout_add() at the same time. > > We need to grab fanout_mutex earlier to avoid races that could > lead to one thread freeing po->rollover that was set by another thread. > > Do the same in fanout_release(), for peace of mind, and to help us > finding lockdep issues earlier. Since 4.2 the races can lead to a use-after-free. The fix was backported to 4.9.13 as well. Regards, Salvatore
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ