Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: Medium
Fix Version/s: None
Affects Version/s: None
Labels:
None

Severity:
3
Rank (Obsolete):
9223372036854775807

Description

With the conversion to kref() a LASSERT() that prevented a UAF
was removed. However some callers of lsm_addref() handled this
case gracefully so the LASSERT() was not in the correct location.

Remove the UAF race with kref_get_unless_zero() and returning NULL.
Callers which cannot gracefully handle the UAF path should LASSERT()

Attachments

Activity

People

Assignee:: Shaun Tancheff

Reporter:: Shaun Tancheff

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 07/Oct/25 3:12 PM

Updated:: 07/Oct/25 3:13 PM