From 7cf35c6d4b05993ce5facfbac1f6dd38bf49bf8f Mon Sep 17 00:00:00 2001
From: Werner Sembach <werner.sembach@fau.de>
Date: Fri, 5 Oct 2018 19:18:02 +0200
Subject: [PATCH] Add notes on important functions and locations for
 CVE-2017-8890

---
 README.md | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/README.md b/README.md
index 9a67c9e..1a2edc3 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,16 @@
+### CVE-2017-8890
+vuln in inet_csk_clone_lock in net/ipv4/inet_connection_sock.c
+- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/inet_connection_sock.c#L674
+
+mc_list set in ip_mc_join_group in net/ipv4/igmp.c
+- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/igmp.c#L1788
+
+freed in sock_close > sock_release > (sock->ops->release) > inet_release in net/ipv4/af_inet.c (found using gdb)
+- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/af_inet.c#L427
+
+exact free of mc_list somewhow in ip_mc_drop_socket using kfree_rcu
+- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/igmp.c#L2297
+
 ### GDB Commands
 ```
 aarch64-linux-gnu-gdb linux-3.10.105/vmlinux
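Review bot: The last added note, `exact free of mc_list somewhow in ip_mc_drop_socket using kfree_rcu`, misspells "somehow" and leaves the path from inet_release to ip_mc_drop_socket unexplained; either name the call that gets there or mark the line as unverified. The opening line `vuln in inet_csk_clone_lock` has the same gap: it does not say what that function does wrong, so a reader cannot tell how the clone, the mc_list set in ip_mc_join_group and the free reached through inet_release relate to each other. One sentence stating the flaw would tie the four locations together. Putting function names and file paths in backticks would also make them easier to read in the rendered README.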
-- 
GitLab