** Summary changed: - placeholder bug + UAF on CAN BCM bcm_rx_handler
** Description changed: - This reports a bug. + [Impact] + bcm_rx_handler may run concurrently to can_rx_unregister on bcm_release, which will, then, free the bcm_op that is used by bcm_rx_handler, leading to a system crash. + + [Potential regression] + CAN BCM sockets may stop working as expected. + + [Test case] + Programs from can-utils were run, some of them concurrently. ** Information type changed from Private to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1931855 Title: UAF on CAN BCM bcm_rx_handler To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1931855/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs