On Fri, 6 Jun 2014, Andrey Ryabinin wrote: > While working address sanitizer for kernel I've discovered use-after-free > bug in __put_anon_vma. > For the last anon_vma, anon_vma->root freed before child anon_vma. > Later in anon_vma_free(anon_vma) we are referencing to already freed > anon_vma->root > to check rwsem. > This patch puts freeing of child anon_vma before freeing of anon_vma->root. > > Cc: <[email protected]> # v3.0+ > Signed-off-by: Andrey Ryabinin <[email protected]>
Acked-by: David Rientjes <[email protected]> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
