Re: [PATCH net] macvtap: fix use after free for skb_array during release

From: Jason Wang Date: Thu, 11 Aug 2016 18:15:56 +0800 > We've clean skb_array in macvtap_put_queue() but still try to pop from > it during macvtap_sock_destruct(). Fix this use after free by moving > the skb array cleanup to macvtap_sock_destruct() instead. > > Fixes: 362899b8725b ("macvtap: sw

[PATCH net] macvtap: fix use after free for skb_array during release

We've clean skb_array in macvtap_put_queue() but still try to pop from it during macvtap_sock_destruct(). Fix this use after free by moving the skb array cleanup to macvtap_sock_destruct() instead. Fixes: 362899b8725b ("macvtap: switch to use skb array") Reported-by: Cornelia Huck Tested-by: Corn