On Mon, Feb 01, 2016 at 02:27:30PM +0100, Mathias Krause wrote:
> We miss to take the crypto_alg_sem semaphore when traversing the
> crypto_alg_list for CRYPTO_MSG_GETALG dumps. This allows a race with
> crypto_unregister_alg() removing algorithms from the list while we're
> still traversing it, th
We miss to take the crypto_alg_sem semaphore when traversing the
crypto_alg_list for CRYPTO_MSG_GETALG dumps. This allows a race with
crypto_unregister_alg() removing algorithms from the list while we're
still traversing it, thereby leading to a use-after-free as show below:
[ 3482.071639] general
