On Tue, Jun 2, 2015 at 8:23 AM, Sasha Levin wrote:
>
> This commit fixes a race condition an unprivileged user can exploit to corrupt
> kernel memory. I can't seem to get anyone to grab it for the past 4+ months.
Will take it directly. Feel free to just cc me directly earlier if
things take this
Hi,
This commit fixes a race condition an unprivileged user can exploit to corrupt
kernel memory. I can't seem to get anyone to grab it for the past 4+ months.
Help please?
Thanks,
Sasha
On 04/30/2015 11:04 AM, Sasha Levin wrote:
> ping?
>
> On 01/28/2015 03:30 PM, Sasha Levin wrote:
>> We us
ping?
On 01/28/2015 03:30 PM, Sasha Levin wrote:
> We used to read file_handle twice. Once to get the amount of extra bytes, and
> once to fetch the entire structure.
>
> This may be problematic since we do size verifications only after the first
> read, so if the number of extra bytes changes in
3 matches
Mail list logo
