On 2019年08月19日 15:39, Dan Carpenter wrote:
On Mon, Aug 19, 2019 at 01:32:54PM +0800, Zhao, Yakui wrote:In fact as this driver is mainly used for embedded IOT usage, it doesn't handle the complex cleanup when such error is encountered. Instead the clean up is handled in free_guest_vm.A use after free here seems like a potential security problem. Security matters for IoT... :(
Thanks for pointing out the issue. The cleanup will be considered carefully.
regards, dan carpenter
