On Wed, Aug 16, 2017 at 12:37 PM, Eric Dumazet wrote:
> On Wed, 2017-08-16 at 12:15 -0700, Eric Dumazet wrote:
>> On Wed, 2017-08-16 at 11:50 -0700, Cong Wang wrote:
>> > On Tue, Aug 15, 2017 at 4:09 AM, Eric Dumazet
>> > wrote:
>> > > From: Eric Dumazet
>> > >
>> > > Based on a syzkaller repor
On Wed, 2017-08-16 at 12:15 -0700, Eric Dumazet wrote:
> On Wed, 2017-08-16 at 11:50 -0700, Cong Wang wrote:
> > On Tue, Aug 15, 2017 at 4:09 AM, Eric Dumazet
> > wrote:
> > > From: Eric Dumazet
> > >
> > > Based on a syzkaller report [1], I found that a per cpu allocation
> > > failure in snmp6
On Wed, 2017-08-16 at 11:50 -0700, Cong Wang wrote:
> On Tue, Aug 15, 2017 at 4:09 AM, Eric Dumazet wrote:
> > From: Eric Dumazet
> >
> > Based on a syzkaller report [1], I found that a per cpu allocation
> > failure in snmp6_alloc_dev() would then lead to NULL dereference in
> > ip6_route_dev_no
On Tue, Aug 15, 2017 at 4:09 AM, Eric Dumazet wrote:
> From: Eric Dumazet
>
> Based on a syzkaller report [1], I found that a per cpu allocation
> failure in snmp6_alloc_dev() would then lead to NULL dereference in
> ip6_route_dev_notify().
>
> It seems this is a very old bug, thus no Fixes tag i
From: Eric Dumazet
Date: Tue, 15 Aug 2017 04:09:51 -0700
> From: Eric Dumazet
>
> Based on a syzkaller report [1], I found that a per cpu allocation
> failure in snmp6_alloc_dev() would then lead to NULL dereference in
> ip6_route_dev_notify().
>
> It seems this is a very old bug, thus no Fixe
From: Eric Dumazet
Based on a syzkaller report [1], I found that a per cpu allocation
failure in snmp6_alloc_dev() would then lead to NULL dereference in
ip6_route_dev_notify().
It seems this is a very old bug, thus no Fixes tag in this submission.
Let's add in6_dev_put_clear() helper, as we wi
