]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 257f0bd) | patch
RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()
authorCheng Xu <chengyou@linux.alibaba.com>
Thu, 6 Mar 2025 12:04:40 +0000 (20:04 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 10 Apr 2025 12:39:19 +0000 (14:39 +0200)
commita114d25d584c14019d31dbf2163780c47415a187
tree6f6096d337fbdf597f837f6944a650b52c2c79bdtree
parent257f0bdd5a4be80f192e6febdb9072d4e9859977commit | diff
RDMA/erdma: Prevent use-after-free in erdma_accept_newconn()

[ Upstream commit 83437689249e6a17b25e27712fbee292e42e7855 ]

After the erdma_cep_put(new_cep) being called, new_cep will be freed,
and the following dereference will cause a UAF problem. Fix this issue.

Fixes: 920d93eac8b9 ("RDMA/erdma: Add connection management (CM) support")
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Cheng Xu <chengyou@linux.alibaba.com>
Signed-off-by: Leon Romanovsky <leon@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/infiniband/hw/erdma/erdma_cm.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git