Re: (subset) [PATCH] aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts

From: joeyli
Date: Thu Mar 07 2024 - 07:40:27 EST

Next message: Christian König: "Re: [PATCH] drm/amdgpu: add vm fault information to devcoredump"
Previous message: Roger Quadros: "Re: [PATCH v4 5/9] usb: cdns3-ti: pass auxdata from match data to of_platform_populate()"
In reply to: Jens Axboe: "Re: (subset) [PATCH] aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Jens,

On Wed, Mar 06, 2024 at 08:35:34AM -0700, Jens Axboe wrote:
>
> On Tue, 05 Mar 2024 16:20:48 +0800, Lee, Chun-Yi wrote:
> > This patch is against CVE-2023-6270. The description of cve is:
> >
> > A flaw was found in the ATA over Ethernet (AoE) driver in the Linux
> > kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on
> > `struct net_device`, and a use-after-free can be triggered by racing
> > between the free on the struct and the access through the `skbtxq`
> > global queue. This could lead to a denial of service condition or
> > potential code execution.
> >
> > [...]
>
> Applied, thanks!
>
> [1/1] aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts
> commit: f98364e926626c678fb4b9004b75cacf92ff0662
>

Thanks for your review!

Joey Lee

Next message: Christian König: "Re: [PATCH] drm/amdgpu: add vm fault information to devcoredump"
Previous message: Roger Quadros: "Re: [PATCH v4 5/9] usb: cdns3-ti: pass auxdata from match data to of_platform_populate()"
In reply to: Jens Axboe: "Re: (subset) [PATCH] aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]