mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-15 15:15:47 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Pietro Borrello f81c0d484a inet: fix fast path in __inet_hash_connect() 
[ Upstream commit 21cbd90a6f ]

__inet_hash_connect() has a fast path taken if sk_head(&tb->owners) is
equal to the sk parameter.
sk_head() returns the hlist_entry() with respect to the sk_node field.
However entries in the tb->owners list are inserted with respect to the
sk_bind_node field with sk_add_bind_node().
Thus the check would never pass and the fast path never execute.

This fast path has never been executed or tested as this bug seems
to be present since commit 1da177e4c3 ("Linux-2.6.12-rc2"), thus
remove it to reduce code complexity.

Signed-off-by: Pietro Borrello <borrello@diag.uniroma1.it>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20230112-inet_hash_connect_bind_head-v3-1-b591fd212b93@diag.uniroma1.it
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-03-11 16:43:55 +01:00
..
6lowpan 6lowpan: iphc: Fix an off-by-one check of array index 2021-09-15 09:47:31 +02:00
9p 9p/xen: check logical size for buffer size 2022-12-14 11:30:41 +01:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2023-01-18 11:41:37 +01:00
8021q net: vlan: fix underflow for the real_dev refcnt 2021-12-01 09:23:34 +01:00
appletalk
atm treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() 2023-03-11 16:43:42 +01:00
ax25 ax25: Fix UAF bugs in ax25 timers 2022-04-20 09:19:40 +02:00
batman-adv batman-adv: Don't skb_split skbuffs with frag_list 2022-05-18 09:47:24 +02:00
bluetooth Bluetooth: L2CAP: Fix potential user-after-free 2023-03-11 16:43:41 +01:00
bpf bpf: Move skb->len == 0 checks into __bpf_redirect 2023-01-18 11:41:04 +01:00
bpfilter
bridge netfilter: br_netfilter: disable sabotage_in hook after first suppression 2023-02-22 12:50:24 +01:00
caif net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). 2023-03-03 11:41:48 +01:00
can can: j1939: do not wait 250 ms if the same addr was already claimed 2023-02-22 12:50:30 +01:00
ceph
core net: add sock_init_data_uid() 2023-03-11 16:43:40 +01:00
dcb net: dcb: disable softirqs in dcbnl_flush_dev() 2022-03-08 19:07:51 +01:00
dccp dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions. 2023-02-22 12:50:40 +01:00
decnet
dns_resolver
dsa net: dsa: ksz: Check return value 2022-12-14 11:30:45 +01:00
ethernet
hsr hsr: Avoid double remove of a node. 2023-01-18 11:41:09 +01:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-11-03 23:56:54 +09:00
ife
ipv4 inet: fix fast path in __inet_hash_connect() 2023-03-11 16:43:55 +01:00
ipv6 ipv6: Fix tcp socket connection with DSCP. 2023-02-22 12:50:41 +01:00
iucv treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() 2023-03-11 16:43:42 +01:00
kcm kcm: close race conditions on sk_receive_queue 2022-11-25 17:42:21 +01:00
key af_key: Fix send_acquire race with pfkey_register 2022-12-08 11:22:57 +01:00
l2tp l2tp: Don't sleep and disable BH under writer-side sk_callback_lock 2023-02-06 07:52:38 +01:00
l3mdev l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu 2022-04-27 13:50:47 +02:00
lapb
llc llc: only change llc->dev when bind() succeeds 2022-03-28 08:46:48 +02:00
mac80211 wifi: mac80211: make rate u32 in sta_set_rate_info_rx() 2023-03-11 16:43:42 +01:00
mac802154 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() 2022-12-14 11:30:45 +01:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-22 12:50:41 +01:00
ncsi net/ncsi: check for error return from call to nla_put_u32 2022-01-05 12:37:45 +01:00
netfilter netfilter: nft_tproxy: restrict to prerouting hook 2023-02-22 12:50:35 +01:00
netlabel netlabel: fix out-of-bounds memory accesses 2022-04-15 14:18:35 +02:00
netlink netlink: annotate data races around sk_state 2023-02-06 07:52:45 +01:00
netrom netrom: Fix use-after-free caused by accept on already connected socket 2023-02-22 12:50:24 +01:00
nfc net: nfc: Fix use-after-free in local_cleanup() 2023-02-06 07:52:37 +01:00
nsh
openvswitch net: openvswitch: fix flow memory leak in ovs_flow_cmd_new 2023-02-22 12:50:25 +01:00
packet net/af_packet: make sure to pull mac header 2023-01-18 11:41:45 +01:00
phonet phonet: refcount leak in pep_sock_accep 2022-01-11 15:23:33 +01:00
psample
qrtr net: qrtr: fix another OOB Read in qrtr_endpoint_post 2021-09-03 10:08:12 +02:00
rds rds: rds_rm_zerocopy_callback() correct order for list_add_tail() 2023-03-11 16:43:41 +01:00
rfkill
rose net/rose: Fix to not accept on connected socket 2023-02-22 12:50:34 +01:00
rxrpc rxrpc: Fix missing unlock in rxrpc_do_sendmsg() 2023-01-18 11:41:33 +01:00
sched Revert "net/sched: taprio: make qdisc_leaf() see the per-netdev-queue pfifo child qdiscs" 2023-02-25 11:53:27 +01:00
sctp sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list 2023-02-22 12:50:40 +01:00
smc net/smc: Remove redundant refcount increase 2022-09-15 12:04:50 +02:00
strparser bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding 2021-11-17 09:48:48 +01:00
sunrpc xprtrdma: Fix regbuf data not freed in rpcrdma_req_create() 2023-02-22 12:50:29 +01:00
switchdev net: switchdev: do not propagate bridge updates across bridges 2021-10-27 09:54:24 +02:00
tipc tipc: call tipc_lxc_xmit without holding node_read_lock 2023-01-18 11:42:06 +01:00
tls net/tls: Fix race in TLS device down flow 2022-07-29 17:14:12 +02:00
unix af_unix: Get user_ns from in_skb in unix_diag_get_exact(). 2022-12-14 11:30:44 +01:00
vmw_vsock net: vmw_vsock: vmci: Check memcpy_from_msg() 2023-01-18 11:41:13 +01:00
wimax
wireless wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails 2023-01-18 11:41:08 +01:00
x25 net/x25: Fix to not accept on connected socket 2023-02-22 12:50:26 +01:00
xdp Revert "xsk: Do not sleep in poll() when need_wakeup set" 2021-12-22 09:29:40 +01:00
xfrm xfrm: fix bug with DSCP copy to v6 from v4 tunnel 2023-02-22 12:50:31 +01:00
compat.c
Kconfig
Makefile
socket.c net: Fix a data-race around sysctl_somaxconn. 2022-09-05 10:27:42 +02:00
sysctl_net.c