projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4cece76) | patch
fs/9p: fix uaf in in v9fs_stat2inode_dotl
authorLizhi Xu <lizhi.xu@windriver.com>
Fri, 2 Feb 2024 12:15:31 +0000 (20:15 +0800)
committerEric Van Hensbergen <ericvh@kernel.org>
Mon, 25 Mar 2024 00:34:35 +0000 (00:34 +0000)
commit11763a8598f888dec631a8a903f7ada32181001f
tree662db161bf74852c7bcec0b4c70d372bfcab2ad5tree | snapshot
parent4cece764965020c22cff7665b18a012006359095commit | diff
fs/9p: fix uaf in in v9fs_stat2inode_dotl

The incorrect logical order of accessing the st object code in v9fs_fid_iget_dotl
is causing this uaf.

Fixes: 724a08450f74 ("fs/9p: simplify iget to remove unnecessary paths")
Reported-and-tested-by: syzbot+7a3d75905ea1a830dbe5@syzkaller.appspotmail.com
Signed-off-by: Lizhi Xu <lizhi.xu@windriver.com>
Tested-by: Breno Leitao <leitao@debian.org>
Reviewed-by: Dominique Martinet <asmadeus@codewreck.org>
Signed-off-by: Eric Van Hensbergen <ericvh@kernel.org>
fs/9p/vfs_inode_dotl.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)