git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Namjae Jeon <linkinjeon@kernel.org>
	Wed, 5 Mar 2025 12:21:43 +0000 (21:21 +0900)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 22 Mar 2025 19:54:24 +0000 (12:54 -0700)
commit	62746ae3f5414244a96293e3b017be637b641280
tree	a7b4f7e3df97b15e11b189b6af9d16ae478fab5f	tree
parent	bac7b8b1a3f1a86eeec85835af106cbdc2b9d9f7	commit \| diff

ksmbd: fix use-after-free in ksmbd_free_work_struct

commit bb39ed47065455604729404729d9116868638d31 upstream.

->interim_entry of ksmbd_work could be deleted after oplock is freed.
We don't need to manage it with linked list. The interim request could be
immediately sent whenever a oplock break wait is needed.

Cc: stable@vger.kernel.org
Reported-by: Norbert Szetei <norbert@doyensec.com>
Tested-by: Norbert Szetei <norbert@doyensec.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/smb/server/ksmbd_work.c		diff \| blob \| blame \| history
fs/smb/server/ksmbd_work.h		diff \| blob \| blame \| history
fs/smb/server/oplock.c		diff \| blob \| blame \| history
fs/smb/server/oplock.h		diff \| blob \| blame \| history