mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-30 22:26:55 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/ipv4
History
Hyunwoo Kim 80e679b352 tcp: Fix Use-After-Free in tcp_ao_connect_init 
Since call_rcu, which is called in the hlist_for_each_entry_rcu traversal
of tcp_ao_connect_init, is not part of the RCU read critical section, it
is possible that the RCU grace period will pass during the traversal and
the key will be free.

To prevent this, it should be changed to hlist_for_each_entry_safe.

Fixes: 7c2ffaf21b ("net/tcp: Calculate TCP-AO traffic keys")
Signed-off-by: Hyunwoo Kim <v4bel@theori.io>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Acked-by: Dmitry Safonov <0x7f454c46@gmail.com>
Link: https://lore.kernel.org/r/ZiYu9NJ/ClR8uSkH@v4bel-B760M-AORUS-ELITE-AX
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-04-23 19:06:39 -07:00
..
netfilter netfilter: complete validation of user input 2024-04-10 19:42:56 -07:00
af_inet.c net: introduce include/net/rps.h 2024-03-07 21:12:43 -08:00
ah4.c net: fill in MODULE_DESCRIPTION()s for ipv4 modules 2024-02-09 14:12:02 -08:00
arp.c arp: Prevent overflow in arp_req_get(). 2024-02-20 10:50:19 +01:00
bpf_tcp_ca.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
cipso_ipv4.c netlabel: remove impossible return value in netlbl_bitmap_walk 2024-02-28 19:37:34 -08:00
datagram.c ipv4: Set the routing scope properly in ip_route_output_ports(). 2024-02-12 17:33:05 -08:00
devinet.c netlink: let core handle error cases in dump operations 2024-03-07 20:48:22 -08:00
esp4.c net: esp: fix bad handling of pages from page_pool 2024-03-18 11:53:46 +01:00
esp4_offload.c
fib_frontend.c inet: bring NLM_DONE out to a separate recv() again 2024-04-15 10:25:27 +01:00
fib_lookup.h
fib_notifier.c
fib_rules.c fib: remove unnecessary input parameters in fib_default_rule_add 2024-01-03 16:42:48 -08:00
fib_semantics.c
fib_trie.c inet: switch inet_dump_fib() to RCU protection 2024-02-26 11:46:13 +00:00
fou_bpf.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
fou_core.c net: gro: rename skb_gro_header_hard() 2024-03-05 13:30:11 +01:00
fou_nl.c
fou_nl.h
gre_demux.c Normalise "name (ad@dr)" MODULE_AUTHORs to "name <ad@dr>" 2024-03-06 13:07:39 -08:00
gre_offload.c net: gro: rename skb_gro_header_hard() 2024-03-05 13:30:11 +01:00
icmp.c icmp: prevent possible NULL dereferences from icmp_build_probe() 2024-04-22 10:00:31 +01:00
igmp.c inet: annotate devconf data-races 2024-02-28 19:36:39 -08:00
inet_connection_sock.c tcp: Fix bind() regression for v6-only wildcard and v4(-mapped-v6) non-wildcard addresses. 2024-03-29 14:48:38 -07:00
inet_diag.c inet_diag: skip over empty buckets 2024-01-23 15:13:55 +01:00
inet_fragment.c inet: inet_defrag: prevent sk release while still in use 2024-03-28 12:06:22 +01:00
inet_hashtables.c tcp: Fix refcnt handling in __inet_hash_connect(). 2024-03-14 10:57:02 +01:00
inet_timewait_sock.c tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() 2024-03-12 18:56:15 -07:00
inetpeer.c net: ipv4: Simplify the allocation of slab caches in inet_initpeers 2024-01-31 16:39:42 -08:00
ip_forward.c
ip_fragment.c inet: inet_defrag: prevent sk release while still in use 2024-03-28 12:06:22 +01:00
ip_gre.c erspan: make sure erspan_base_hdr is present in skb->head 2024-03-29 12:42:55 -07:00
ip_input.c
ip_options.c
ip_output.c Revert "net: Re-use and set mono_delivery_time bit for userspace tstamp packets" 2024-03-18 12:29:53 +00:00
ip_sockglue.c inet: Add getsockopt support for IP_ROUTER_ALERT and IPV6_ROUTER_ALERT 2024-03-06 12:37:06 +00:00
ip_tunnel.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-03-11 20:38:36 -07:00
ip_tunnel_core.c tunnels: fix out of bounds access when building IPv6 PMTU error 2024-02-03 12:43:19 +00:00
ip_vti.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-02-15 16:20:04 -08:00
ipcomp.c
ipconfig.c
ipip.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-02-15 16:20:04 -08:00
ipmr.c ipmr: fix incorrect parameter validation in the ip_mroute_getsockopt() function 2024-03-11 09:53:22 +00:00
ipmr_base.c
Kconfig
Makefile bpfilter: remove bpfilter 2024-01-04 10:23:10 -08:00
metrics.c
netfilter.c
netlink.c
nexthop.c nexthop: fix uninitialized variable in nla_put_nh_group_stats() 2024-03-22 18:03:29 -07:00
ping.c
proc.c inet: annotate devconf data-races 2024-02-28 19:36:39 -08:00
protocol.c
raw.c ipv4: raw: Fix sending packets from raw sockets via IPsec tunnels 2024-03-19 13:45:58 +01:00
raw_diag.c inet_diag: add module pointer to "struct inet_diag_handler" 2024-01-23 15:13:54 +01:00
route.c ipv4: check for NULL idev in ip_route_use_hint() 2024-04-23 19:02:57 -07:00
syncookies.c tcp: Clear req->syncookie in reqsk_alloc(). 2024-03-19 19:35:59 -07:00
sysctl_net_ipv4.c Use READ/WRITE_ONCE() for IP local_port_range. 2023-12-08 10:44:42 -08:00
tcp.c tcp: properly terminate timers for kernel sockets 2024-03-25 19:51:57 -07:00
tcp_ao.c tcp: Fix Use-After-Free in tcp_ao_connect_init 2024-04-23 19:06:39 -07:00
tcp_bbr.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
tcp_bic.c
tcp_bpf.c
tcp_cdg.c
tcp_cong.c bpf, net: validate struct_ops when updating value. 2024-03-04 10:03:57 -08:00
tcp_cubic.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
tcp_dctcp.c bpf: treewide: Annotate BPF kfuncs in BTF 2024-01-31 20:40:56 -08:00
tcp_dctcp.h
tcp_diag.c inet_diag: add module pointer to "struct inet_diag_handler" 2024-01-23 15:13:54 +01:00
tcp_fastopen.c
tcp_highspeed.c
tcp_htcp.c
tcp_hybla.c
tcp_illinois.c
tcp_input.c tcp: add dropreasons in tcp_rcv_state_process() 2024-02-28 10:39:22 +00:00
tcp_ipv4.c tcp: make dropreason in tcp_child_process() work 2024-02-28 10:39:22 +00:00
tcp_lp.c
tcp_metrics.c
tcp_minisocks.c rds: tcp: Fix use-after-free of net in reqsk_timer_handler(). 2024-03-12 18:56:16 -07:00
tcp_nv.c
tcp_offload.c net: move tcpv4_offload and tcpv6_offload to net_hotdata 2024-03-07 21:12:42 -08:00
tcp_output.c net: Remove acked SYN flag from packet in the transmit queue correctly 2023-12-12 15:56:02 -08:00
tcp_plb.c
tcp_rate.c
tcp_recovery.c
tcp_scalable.c
tcp_sigpool.c net/tcp_sigpool: Use kref_get_unless_zero() 2024-01-01 14:42:05 +00:00
tcp_timer.c
tcp_ulp.c
tcp_vegas.c
tcp_vegas.h
tcp_veno.c
tcp_westwood.c
tcp_yeah.c
tunnel4.c net: fill in MODULE_DESCRIPTION()s for ipv4 modules 2024-02-09 14:12:02 -08:00
udp.c udp: preserve the connected status if only UDP cmsg 2024-04-19 20:10:15 -07:00
udp_bpf.c
udp_diag.c inet_diag: add module pointer to "struct inet_diag_handler" 2024-01-23 15:13:54 +01:00
udp_impl.h
udp_offload.c udp: prevent local UDP tunnel packets from being GROed 2024-03-29 11:30:44 +00:00
udp_tunnel_core.c net: fill in MODULE_DESCRIPTION()s for ipv4 modules 2024-02-09 14:12:02 -08:00
udp_tunnel_nic.c
udp_tunnel_stub.c
udplite.c
xfrm4_input.c net: adopt skb_network_offset() and similar helpers 2024-03-04 08:47:06 +00:00
xfrm4_output.c
xfrm4_policy.c
xfrm4_protocol.c
xfrm4_state.c
xfrm4_tunnel.c net: fill in MODULE_DESCRIPTION()s for ipv4 modules 2024-02-09 14:12:02 -08:00