KASAN: use-after-free Read in binder_release_work

Martijn Coenen maco at android.com
Mon Apr 23 10:00:32 UTC 2018


On Mon, Apr 23, 2018 at 11:49 AM, Dmitry Vyukov <dvyukov at google.com> wrote:
> Since it's already in Greg's queue, it's not worth bothering. We can
> fix up things here with these "#syz fix" tags in emails, which
> associate fixes with bugs.

I meant, when I sent the original patch a month or so ago, could
syzbot have replied saying "The reported-by tag you used belongs to a
bug that was already marked as closed by this other commit?".

>
>
>> Thanks,
>> Martijn
>>
>>> Now syzbot already skips list_del frame and takes the next one, so it
>>> should become slightly better.
>>>
>>> Let's close this one with the binder fix (since that one was closed
>>> with an rdma fix):
>>>
>>> #syz fix: ANDROID: binder: prevent transactions into own process.

