Date: Wed, 18 Nov 2015 10:14:52 +0100 From: Mathias Krause <minipli@...glemail.com> To: oss-security@...ts.openwall.com Cc: cve-assign@...re.org Subject: Re: CVE request - Linux kernel - Unix sockets use after free - peer_wait_queue prematurely freed On 18 November 2015 at 08:57, Wade Mealing <wmealing@...hat.com> wrote: > [...] > > Original discussion: > - https://groups.google.com/forum/#!topic/syzkaller/3twDUI4Cpm8 Just for reference... There was an independent discovery earlier this year, tracked in . Even earlier discoveries ([2,3]) missed the connection to AF_UNIX.  eventually lead to the incomplete patch  and, after multiple non-public ineffective attempts on fixing the issue, to the netdev posting . That's where Jason and Rainer started to post patches fixing the issue. However, none of the patches has been applied yet. Thanks, Mathias  https://forums.grsecurity.net/viewtopic.php?f=3&t=4150  https://lkml.org/lkml/2014/5/15/532  https://lkml.org/lkml/2013/10/14/424  http://www.spinics.net/lists/netdev/msg318826.html  https://lkml.org/lkml/2015/9/13/195
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.