Thread (10 messages) 10 messages, 5 authors, 2025-09-03

Re: [BUG] [ROSE] slab-use-after-free in lock_timer_base

From: Eric Dumazet <edumazet@google.com>
Date: 2025-09-03 10:02:07
Also in: linux-hams

On Wed, Sep 3, 2025 at 2:51 AM Bernard Pidoux [off-list ref] wrote:
On 6.16.4 kernel patched with last ROSE commit for refcount use
rose_remove_node() is causing refcount_t: underflow; use-after-free

List:       linux-stable-commits
Subject:    Patch "net: rose: split remove and free operations in
rose_remove_neigh()" has been added to the 6.1
From:       Sasha Levin <sashal () kernel ! org>
Date:       2025-08-30 20:20:24
Message-ID: 20250830202024.2485006-1-sashal () kernel ! org

Bernard Pidoux
F6BVP / AI7BG
Any particular reason you do not CC the author ?

CC Takamitsu Iwai [off-list ref]

BTW, a syzbot report was already sent to the list.

https://syzkaller.appspot.com/bug?extid=7287222a6d88bdb559a7
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help