oss-sec mailing list archives
Re: Linux kernel: io_uring: free of unallocated buffer list in io_register_pbuf_ring()
From: Florian Weimer <fweimer () redhat com>
Date: Mon, 08 Aug 2022 14:20:53 +0200
* Solar Designer:
I think this wasn't reported in here before, and has no CVE ID? Writeup in Chinese dated July 29: https://dawnslab.jd.com/linux-5.19-rc2_pbuf_ring_0day/ Fix dated July 21, per the writeup included in 5.19-rc8: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec8516f3b7c40ba7050e6b3a32467e9de451ecdf Per the Fixes tag, the bug was introduced in May, in: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c7fb19428d67
Wasn't this introduced and fixed during 5.19 development? In those cases, no CVE assignment is expected. Thanks, Florian
Current thread:
- Linux kernel: io_uring: free of unallocated buffer list in io_register_pbuf_ring() Solar Designer (Aug 08)
- Re: Linux kernel: io_uring: free of unallocated buffer list in io_register_pbuf_ring() Florian Weimer (Aug 08)