vulnerability use-after-free

vulnerability use-after-free

[慕冬亮]

Use-after-free is a important vulnerability ! As far as we know , Linux
kernel is mostly using C and there may exist this vulnerability! I think in
the kernel there are much allocator and reallocator , how do the kernel
manage these things?
mudongliang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20150513/56b467fc/attachment.html 

vulnerability use-after-free

[Giedrius Statkevičius]

On Wed, 13 May 2015, ??? wrote:

> Use-after-free is a important vulnerability ! As far as we know , Linux kernel is mostly using C and there may exist this vulnerability! I think in the kernel there
> are much allocator and reallocator , how do the kernel manage these things?mudongliang
> 
> 
Most of the time "struct kobject" is used to count references to that object.
Also, there are functions _get() and _put() that increase/decrease reference
count. So if the reference count ever becomes equal to 0 we know that we can
free() it and no one references it anymore.

More reading on this in LDD3:
https://lwn.net/images/pdf/LDD3/ch14.pdf

Su pagarba / Regards,
Giedrius