Re: [PATCH] net/sctp: fix race condition in sctp_destroy_sock

2021-04-13 Thread Marcelo Ricardo Leitner
On Tue, Apr 13, 2021 at 12:31:53PM +0300, Or Cohen wrote: > +++ b/net/sctp/socket.c > @@ -1520,11 +1520,9 @@ static void sctp_close(struct sock *sk, long timeout) > > /* Supposedly, no process has access to the socket, but >* the net layers still may. > - * Also, sctp_destroy_s
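Review bot: in the sctp_close() hunk (@@ -1520,11 +1520,9), the removed comment sentence that begins "Also, sctp_destroy_s" is dropped from the block comment, while the preceding sentence about the net layers still having access to the socket stays. If the hunk changes what is held when the destroy path runs, the comment that remains should say which lock is taken at this point and why, so the locking expectation is still documented next to the code rather than only in the commit message.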

[PATCH] net/sctp: fix race condition in sctp_destroy_sock

2021-04-13 Thread Or Cohen
If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock held and sp->do_auto_asconf is true, then an element is removed from the auto_asconf_splist without any proper locking.

This can happen in the following functions:
1. In sctp_accept, if sctp_sock_migrate fails.
2. In inet_creat