|
@AmarSaar | |||||
|
Interesting vulnerability: may_create_in_sticky() was
done when we already have dropped the ref to dir and thus dir (a struct dentry ptr) might be freed and reuse. One impact is a 1-bit infoleak oracle in open() (CVE-2020-8428) seclists.org/oss-sec/2020/q…
|
||||||
|
||||||