mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-02 07:04:24 +00:00
Code Issues Releases Wiki Activity
No description
1125203 commits 105 branches 5103 tags 5.6 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Find a file
Zhengchao Shao a8055677b0 can: af_can: fix NULL pointer dereference in can_rx_register() 
[ Upstream commit 8aa59e3559 ]

It causes NULL pointer dereference when testing as following:
(a) use syscall(__NR_socket, 0x10ul, 3ul, 0) to create netlink socket.
(b) use syscall(__NR_sendmsg, ...) to create bond link device and vxcan
    link device, and bind vxcan device to bond device (can also use
    ifenslave command to bind vxcan device to bond device).
(c) use syscall(__NR_socket, 0x1dul, 3ul, 1) to create CAN socket.
(d) use syscall(__NR_bind, ...) to bind the bond device to CAN socket.

The bond device invokes the can-raw protocol registration interface to
receive CAN packets. However, ml_priv is not allocated to the dev,
dev_rcv_lists is assigned to NULL in can_rx_register(). In this case,
it will occur the NULL pointer dereference issue.

The following is the stack information:
BUG: kernel NULL pointer dereference, address: 0000000000000008
PGD 122a4067 P4D 122a4067 PUD 1223c067 PMD 0
Oops: 0000 [#1] PREEMPT SMP
RIP: 0010:can_rx_register+0x12d/0x1e0
Call Trace:
<TASK>
raw_enable_filters+0x8d/0x120
raw_enable_allfilters+0x3b/0x130
raw_bind+0x118/0x4f0
__sys_bind+0x163/0x1a0
__x64_sys_bind+0x1e/0x30
do_syscall_64+0x35/0x80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
</TASK>

Fixes: 4e096a1886 ("net: introduce CAN specific pointer in the struct net_device")
Signed-off-by: Zhengchao Shao <shaozhengchao@huawei.com>
Reviewed-by: Marc Kleine-Budde <mkl@pengutronix.de>
Link: https://lore.kernel.org/all/20221028085650.170470-1-shaozhengchao@huawei.com
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-11-16 10:03:56 +01:00
arch KVM: s390: pci: Fix allocation size of aift kzdev elements 2022-11-16 10:03:54 +01:00
block blk-mq: Fix kmemleak in blk_mq_init_allocated_queue 2022-11-10 18:17:29 +01:00
certs certs: make system keyring depend on built-in x509 parser 2022-09-24 04:31:18 +09:00
crypto crypto: akcipher - default implementation for setting a private key 2022-10-21 12:38:59 +02:00
Documentation KVM: s390: pv: don't allow userspace to set the clock under PV 2022-11-16 10:03:54 +01:00
drivers platform/x86: p2sb: Don't fail if unknown CPU is found 2022-11-16 10:03:55 +01:00
fs cifs: fix regression in very old smb1 mounts 2022-11-10 18:17:39 +01:00
include capabilities: fix undefined behavior in bit shift for CAP_TO_MASK 2022-11-16 10:03:54 +01:00
init arm64 fixes for -rc3 2022-08-26 11:32:53 -07:00
io_uring io_uring: don't iopoll from io_ring_ctx_wait_and_kill() 2022-11-10 18:17:25 +01:00
ipc ipc: mqueue: fix possible memory leak in init_mqueue_fs() 2022-10-21 12:38:55 +02:00
kernel bpf: Fix wrong reg type conversion in release_reference() 2022-11-16 10:03:52 +01:00
lib lib/Kconfig.debug: Add check for non-constant .{s,u}leb128 support to DWARF5 2022-10-21 12:39:29 +02:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm mm: prep_compound_tail() clear page->private 2022-11-04 00:00:23 +09:00
net can: af_can: fix NULL pointer dereference in can_rx_register() 2022-11-16 10:03:56 +01:00
samples Tracing updates for 5.20 / 6.0 2022-08-05 09:41:12 -07:00
scripts kbuild: rpm-pkg: fix breakage when V=1 is used 2022-10-21 12:39:01 +02:00
security capabilities: fix potential memleak on error path from vfs_getxattr_alloc() 2022-11-10 18:17:33 +01:00
sound ALSA: arm: pxa: pxa2xx-ac97-lib: fix return value check of platform_get_irq() 2022-11-16 10:03:51 +01:00
tools bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE 2022-11-16 10:03:51 +01:00
usr Not a lot of material this cycle. Many singleton patches against various 2022-05-27 11:22:03 -07:00
virt KVM: debugfs: Return retval of simple_attr_open() if it fails 2022-11-16 10:03:48 +01:00
.clang-format PCI/DOE: Add DOE mailbox support functions 2022-07-19 15:38:04 -07:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: split the second line of *.mod into *.usyms 2022-05-08 03:16:59 +09:00
.mailmap Qualcomm ARM64 DTS fixes for 6.0 2022-09-23 16:44:37 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS drm for 5.20/6.0 2022-08-03 19:52:08 -07:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS One MAINTAINERS update, two MM fixes, both cc:stable 2022-10-01 09:13:29 -07:00
Makefile Linux 6.0.8 2022-11-10 18:17:40 +01:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.