Commit 7cf35c6d authored by Werner Sembach

Add notes on important functions and locations for CVE-2017-8890

parent b559e92f
### CVE-2017-8890
vuln in inet_csk_clone_lock in net/ipv4/inet_connection_sock.c
- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/inet_connection_sock.c#L674
mc_list set in ip_mc_join_group in net/ipv4/igmp.c
- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/igmp.c#L1788
freed in sock_close > sock_release > (sock->ops->release) > inet_release in net/ipv4/af_inet.c (found using gdb)
- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/af_inet.c#L427
exact free of mc_list somewhow in ip_mc_drop_socket using kfree_rcu
- https://elixir.bootlin.com/linux/v3.10.105/source/net/ipv4/igmp.c#L2297
### GDB Commands ### GDB Commands
``` ```
aarch64-linux-gnu-gdb linux-3.10.105/vmlinux aarch64-linux-gnu-gdb linux-3.10.105/vmlinux
......
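Review bot: The new CVE-2017-8890 section lists where things happen but never says what the defect is, and its last entry ("exact free of mc_list somewhow in ip_mc_drop_socket using kfree_rcu") records an open question as if it were a finding. Please add one sentence after "vuln in inet_csk_clone_lock" saying what that function does wrong with mc_list, and either resolve the "somewhow" (typo for "somehow") by naming the object handed to kfree_rcu and the call that links inet_release to ip_mc_drop_socket, or mark the entry as a TODO. The call chain on the third entry ends at inet_release while the fourth starts at ip_mc_drop_socket, so a reader cannot tell from the notes that the two are connected. Formatting: each description line directly follows a "- https://..." list item with no blank line between them, so Markdown will fold "mc_list set in ...", "freed in ..." and "exact free ..." into the preceding bullet as continuation text; put a blank line before each description, or make the description the bullet and nest the link under it. Since the links are pinned to v3.10.105, it would also help to state that version once in the section text so it matches the vmlinux path used under "GDB Commands".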