brain-hackers_pepepper-mirror/linux-brain
1
0
Fork 0
mirror of https://github.com/brain-hackers/linux-brain.git synced 2024-06-09 23:36:23 +09:00
Code Issues Projects Releases Wiki Activity
4.9-2.0.x-imx
linux-brain/net/kcm
History
Kirill Tkhai 0ae3ff2e43 kcm: Fix use-after-free caused by clonned sockets 
[ Upstream commit eb7f54b90b ]

(resend for properly queueing in patchwork)

kcm_clone() creates kernel socket, which does not take net counter.
Thus, the net may die before the socket is completely destructed,
i.e. kcm_exit_net() is executed before kcm_done().

Reported-by: syzbot+5f1a04e374a635efc426@syzkaller.appspotmail.com
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-06-13 16:16:42 +02:00
..
kcmproc.c kcm: Fix locking issue 2016-08-23 16:23:12 -07:00
kcmsock.c kcm: Fix use-after-free caused by clonned sockets 2018-06-13 16:16:42 +02:00
Kconfig kcm: Use stream parser 2016-08-17 19:36:23 -04:00
Makefile kcm: Add statistics and proc interfaces 2016-03-09 16:36:14 -05:00