12 Feb
2011
12 Feb
'11
9:23 p.m.
There's a race condition in softif_neigh_seq_print_text(), between the rcu_read_unlock() and rcu_read_lock() the number of softif_neigh's can have increased and there's no check for accidentally writing outside of the allocated buffer.
Also correct - are you going to send a patch ?
Yes, will do, wait a sec.