oss-sec mailing list archives
Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master
From: Greg KH <greg () kroah com>
Date: Mon, 15 Aug 2016 09:54:53 +0200
On Mon, Aug 15, 2016 at 09:20:17AM +0800, Marco Grassi wrote:
Hello, this program will cause a use after free of read 4 in tcp_xmit_retransmit_queue or other tcp_ functions, often in another totally unrelated process. reproducer + KASAN report is provided, tested on master available at the time of writing and on 4.8 rc1
Did you send this to the netdev () vger kernel org mailing list so that it can get fixed? I don't see it there :( thanks, greg k-h
Current thread:
- Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Marco Grassi (Aug 14)
- Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Greg KH (Aug 15)
- Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Marco Grassi (Aug 15)
- Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Greg KH (Aug 15)
- Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Marco Grassi (Aug 15)
- Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Greg KH (Aug 16)
- Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Marco Grassi (Aug 15)
- Re: Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master Greg KH (Aug 15)