Re: Use-after-free in ppoll

From: Rainer Weikusat
Date: Sun Nov 22 2015 - 13:52:09 EST

Rainer Weikusat <rweikusat@xxxxxxxxxxxxxxxxxxxxxxx> writes:


> because of the close, this routine will be called with the peer_wait
> wait_queue_head of the non-closed socket of the socket pair as
> wait_address argument.

This should have been "peer_wait wait_queue_head of the peer of the
non-closed socket, ie, that of the closed socket"...
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at