review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Namjae Jeon <linkinjeon@kernel.org>
	Sat, 13 Jan 2024 06:30:07 +0000 (15:30 +0900)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 25 Jan 2024 23:35:44 +0000 (15:35 -0800)
commit	24290ba94cd0136e417283b0dbf8fcdabcf62111
tree	9130d723c76ebc559b3be93c9878408b4e13eab9	tree \| snapshot
parent	a2b21ef1ea4cf632d19b3a7cc4d4245b8e63202a	commit \| diff

ksmbd: fix UAF issue in ksmbd_tcp_new_connection()

commit 38d20c62903d669693a1869aa68c4dd5674e2544 upstream.

The race is between the handling of a new TCP connection and
its disconnection. It leads to UAF on `struct tcp_transport` in
ksmbd_tcp_new_connection() function.

Cc: stable@vger.kernel.org
Reported-by: zdi-disclosures@trendmicro.com # ZDI-CAN-22991
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/smb/server/connection.c		diff \| blob \| history
fs/smb/server/connection.h		diff \| blob \| history
fs/smb/server/transport_rdma.c		diff \| blob \| history
fs/smb/server/transport_tcp.c		diff \| blob \| history