projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d6a0443) | patch
mptcp: fix NULL pointer dereference on fastopen early fallback
authorPaolo Abeni <pabeni@redhat.com>
Tue, 11 Apr 2023 20:42:11 +0000 (22:42 +0200)
committerJakub Kicinski <kuba@kernel.org>
Thu, 13 Apr 2023 16:58:55 +0000 (09:58 -0700)
commitc0ff6f6da66a7791a32c0234388b1bdc00244917
tree497dbc31124fcf1c5548279c653fb401d371dd22tree | snapshot
parentd6a0443733434408f2cbd4c53fea6910599bab9ecommit | diff
mptcp: fix NULL pointer dereference on fastopen early fallback

In case of early fallback to TCP, subflow_syn_recv_sock() deletes
the subflow context before returning the newly allocated sock to
the caller.

The fastopen path does not cope with the above unconditionally
dereferencing the subflow context.

Fixes: 36b122baf6a8 ("mptcp: add subflow_v(4,6)_send_synack()")
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Reviewed-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
net/mptcp/fastopen.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)