[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-edac
Subject:    Re: [EXTERNAL] [PATCH] x86/MCE/AMD: Fix use after free in error handling
From:       Dan Carpenter <dan.carpenter () oracle ! com>
Date:       2020-01-28 16:15:56
Message-ID: 20200128161556.GB1754 () kadam
[Download RAW message or body]

On Tue, Jan 28, 2020 at 03:59:08PM +0000, Saar Amar wrote:
> Actually, if we are at it - Dan, given the fact there is an actual use
> (a dereference) for that pointer after the free, shouldn't we assign a
> CVE for it?
> 

We don't give CVEs, you'd have to contact someone else.

I don't think this has a security impact because you already have to
be root to trigger it.

regards,
dan carpenter

[prev in list] [next in list] [prev in thread] [next in thread]