projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 80e54e8) | patch
ksmbd: fix use-after-free in ksmbd_free_work_struct
authorNamjae Jeon <linkinjeon@kernel.org>
Wed, 5 Mar 2025 12:21:43 +0000 (21:21 +0900)
committerSteve French <stfrench@microsoft.com>
Mon, 10 Mar 2025 17:54:28 +0000 (12:54 -0500)
commitbb39ed47065455604729404729d9116868638d31
tree11a767c66e1d6ef3c96d4eec00ce4291119f9d2btree
parent80e54e84911a923c40d7bee33a34c1b4be148d7acommit | diff
ksmbd: fix use-after-free in ksmbd_free_work_struct

->interim_entry of ksmbd_work could be deleted after oplock is freed.
We don't need to manage it with linked list. The interim request could be
immediately sent whenever a oplock break wait is needed.

Cc: stable@vger.kernel.org
Reported-by: Norbert Szetei <norbert@doyensec.com>
Tested-by: Norbert Szetei <norbert@doyensec.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/smb/server/ksmbd_work.c diff | blob | blame | history
fs/smb/server/ksmbd_work.h diff | blob | blame | history
fs/smb/server/oplock.c diff | blob | blame | history
fs/smb/server/oplock.h diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)