Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 15 Jul 2013 21:53:56 +0200
From: Petr Matousek <>
Subject: CVE Request -- Linux kernel: vhost-net: use-after-free in

vhost_net_ubuf_put_and_wait has a confusing name: it will actually also
free it's argument. vhost_net_flush tries to use the argument after
passing it to vhost_net_ubuf_put_and_wait, this results in use after

Upstream fix:

Introduced by:

Introduced in upstream version:


Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.