linux-stable/net
Chuck Lever e793ac763c xprtrdma: Fix use-after-free in rpcrdma_post_recvs
[ Upstream commit 2d0abe36cf ]

Dereference wr->next /before/ the memory backing wr has been
released. This issue was found by code inspection. It is not
expected to be a significant problem because it is in an error
path that is almost never executed.

Fixes: 7c8d9e7c88 ("xprtrdma: Move Receive posting to ... ")
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-01-27 14:50:59 +01:00
..
6lowpan 6lowpan: Off by one handling ->nexthdr 2020-01-27 14:50:41 +01:00
9p 9p: Transport error uninitialized 2019-10-11 18:21:12 +02:00
802
8021q vlan: vlan_changelink() should propagate errors 2020-01-12 12:17:28 +01:00
appletalk appletalk: Set error code if register_snap_client failed 2019-12-13 08:52:59 +01:00
atm net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
ax25 ax25: enforce CAP_NET_RAW for raw sockets 2019-10-05 13:09:32 +02:00
batman-adv batman-adv: Fix DAT candidate selection on little endian systems 2020-01-23 08:21:34 +01:00
bluetooth Bluetooth: Fix memory leak in hci_connect_le_scan 2020-01-09 10:19:04 +01:00
bpf
bpfilter signal/bpfilter: Fix bpfilter_kernl to use send_sig not force_sig 2020-01-27 14:50:51 +01:00
bridge netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule 2020-01-27 14:50:47 +01:00
caif net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
can can: gw: Fix error path of cgw_module_init 2019-08-29 08:28:30 +02:00
ceph libceph: fix PG split vs OSD (re)connect race 2019-08-29 08:28:50 +02:00
core bpf: fix the check that forwarding is enabled in bpf_ipv6_fib_lookup 2020-01-27 14:50:55 +01:00
dcb
dccp dccp: Fix memleak in __feat_register_sp 2020-01-17 19:46:58 +01:00
decnet net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2020-01-04 19:13:37 +01:00
dns_resolver
dsa net: dsa: Avoid null pointer when failing to connect to PHY 2020-01-27 14:50:34 +01:00
ethernet net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:19:09 +01:00
hsr hsr: reset network header when supervision frame is created 2020-01-17 19:47:00 +01:00
ieee802154 inet: frags: call inet_frags_fini() after unregister_pernet_subsys() 2020-01-27 14:50:51 +01:00
ife
ipv4 net/udp_gso: Allow TX timestamp with UDP GSO 2020-01-27 14:50:56 +01:00
ipv6 ip6_fib: Don't discard nodes with valid routing information in fib6_locate_1() 2020-01-27 14:50:57 +01:00
iucv net/af_iucv: always register net_device notifier 2020-01-27 14:50:56 +01:00
kcm kcm: switch order of device registration to fix a crash 2019-04-17 08:38:40 +02:00
key af_key: fix leaks in key_pol_get_resp and dump_sp. 2019-07-26 09:14:01 +02:00
l2tp l2tp: Fix possible NULL pointer dereference 2020-01-27 14:50:46 +01:00
l3mdev
lapb lapb: fixed leak of control-blocks. 2019-06-22 08:15:13 +02:00
llc llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c) 2020-01-12 12:17:23 +01:00
mac80211 mac80211: Do not send Layer 2 Update frame before authorization 2020-01-17 19:46:56 +01:00
mac802154
mpls mpls: fix warning with multi-label encap 2020-01-27 14:50:54 +01:00
ncsi
netfilter netfilter: nft_flow_offload: add entry to flowtable after confirmation 2020-01-27 14:50:43 +01:00
netlabel netlabel: fix out-of-bounds memory accesses 2019-03-10 07:17:18 +01:00
netlink genetlink: Fix a memory leak on error path 2019-04-03 06:26:15 +02:00
netrom netrom: hold sock when setting skb->destructor 2019-07-28 08:29:27 +02:00
nfc net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive() 2019-12-31 16:34:38 +01:00
nsh
openvswitch openvswitch: support asymmetric conntrack 2019-12-21 10:57:14 +01:00
packet packet: in recvmsg msg_name return at least sizeof sockaddr_ll 2020-01-27 14:50:43 +01:00
phonet net: use skb_queue_empty_lockless() in poll() handlers 2019-11-10 11:27:48 +01:00
psample net: psample: fix skb_over_panic 2019-12-05 09:21:30 +01:00
qrtr net: qrtr: fix memory leak in qrtr_tun_write_iter 2019-12-13 08:52:58 +01:00
rds net/rds: Fix error handling in rds_ib_add_one() 2019-10-07 18:57:24 +02:00
rfkill rfkill: Fix incorrect check to avoid NULL pointer dereference 2020-01-12 12:17:17 +01:00
rose net/rose: fix unbound loop in rose_loopback_timer() 2019-05-02 09:59:00 +02:00
rxrpc rxrpc: Fix uninitialized error code in rxrpc_send_data_packet() 2020-01-27 14:50:59 +01:00
sched net/sched: cbs: Fix error path of cbs_module_init 2020-01-27 14:50:57 +01:00
sctp sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY 2020-01-12 12:17:27 +01:00
smc net/smc: original socket family in inet_sock_diag 2020-01-27 14:50:20 +01:00
strparser net: strparser: partially revert "strparser: Call skb_unclone conditionally" 2019-05-16 19:41:27 +02:00
sunrpc xprtrdma: Fix use-after-free in rpcrdma_post_recvs 2020-01-27 14:50:59 +01:00
switchdev
tipc tipc: set sysctl_tipc_rmem and named_timeout right range 2020-01-27 14:50:39 +01:00
tls net: tls, fix sk_write_space NULL write when tx disabled 2019-09-06 10:22:04 +02:00
unix af_unix: add compat_ioctl support 2020-01-17 19:47:07 +01:00
vmw_vsock VSOCK: bind to random port for VMADDR_PORT_ANY 2019-12-05 09:20:19 +01:00
wimax
wireless cfg80211: regulatory: make initialization more robust 2020-01-27 14:49:57 +01:00
x25 net/x25: fix null_x25_address handling 2019-12-13 08:52:15 +01:00
xdp xsk: add missing smp_rmb() in xsk_mmap 2020-01-27 14:50:21 +01:00
xfrm xfrm interface: fix management of phydev 2019-12-13 08:52:42 +01:00
compat.c sock: Make sock->sk_stamp thread-safe 2019-01-09 17:38:33 +01:00
Kconfig
Makefile
socket.c compat_ioctl: handle SIOCOUTQNSD 2020-01-17 19:47:07 +01:00
sysctl_net.c