oss-sec mailing list archives
Re: CVE Requests: Linux: use-after-free issue for ppp channel
From: Baozeng Ding <sploving1 () gmail com>
Date: Sun, 15 May 2016 19:05:54 +0800
It was introduced by https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=273ec51dd7ceaa76e038875d85061ec856d8905eFixed in linux-stable 4.5.4 and longterm 3.2.80, 3.12.59, 3.14.69, 3.16.35, 4.4.10.
On 2016/5/11 23:37, Baozeng Ding wrote:
Hi all,The ppp channel did not take reference on its network namespace when it was registered and unregistered, which causes a use-after-free issue. Details:https://lkml.org/lkml/2016/3/17/569 Fixed via:https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89Could you please assign a CVE for this issue? Thanks. Best Regards, Baozeng
Current thread:
- CVE Requests: Linux: use-after-free issue for ppp channel Baozeng Ding (May 11)
- Re: CVE Requests: Linux: use-after-free issue for ppp channel Baozeng Ding (May 15)
- Re: CVE Requests: Linux: use-after-free issue for ppp channel cve-assign (May 15)
- Re: CVE Requests: Linux: use-after-free issue for ppp channel Baozeng Ding (May 15)