Re: KASAN: use-after-free Read in binder_release_work

From: Martijn Coenen
Date: Mon Apr 23 2018 - 05:19:09 EST

Next message: Simon Horman: "Re: [PATCH/RFC 7/8] ARM: shmobile: Remove the ARCH_SHMOBILE Kconfig symbol"
Previous message: Rafael J. Wysocki: "Re: [PATCH/RFC 1/2] PM / wakeup: Add callback for wake-up change notification"
In reply to: Eric Biggers: "Re: KASAN: use-after-free Read in binder_release_work"
Next in thread: Dmitry Vyukov: "Re: KASAN: use-after-free Read in binder_release_work"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 19, 2018 at 11:35 PM, Eric Biggers <ebiggers3@xxxxxxxxx> wrote:
> Martijn, this is going to be fixed by
> https://patchwork.kernel.org/patch/10312345/
> ("ANDROID: binder: prevent transactions into own process"), right?
> The syzbot bug ID in that patch is for a bug that is already closed,
> so if it's not too late you should use this one.

Yeah that should fix it. Why was it closed? I think the syzbot bug ID
I used in that patch was from the original report to LKML. Greg
mentioned the patch was already in his queue.

Thanks,
Martijn

>
> - Eric

Next message: Simon Horman: "Re: [PATCH/RFC 7/8] ARM: shmobile: Remove the ARCH_SHMOBILE Kconfig symbol"
Previous message: Rafael J. Wysocki: "Re: [PATCH/RFC 1/2] PM / wakeup: Add callback for wake-up change notification"
In reply to: Eric Biggers: "Re: KASAN: use-after-free Read in binder_release_work"
Next in thread: Dmitry Vyukov: "Re: KASAN: use-after-free Read in binder_release_work"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]