]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0cd7ca7) | patch
dump_common_audit_data(): fix racy accesses to ->d_name
authorAl Viro <viro@zeniv.linux.org.uk>
Tue, 5 Jan 2021 19:43:46 +0000 (14:43 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 23 Jan 2021 14:36:55 +0000 (15:36 +0100)
commitb1de083b11f86b2e77ca8d28580730c7974c059b
tree9d0dec3525136d7bb0d2bb7ee25abf4c39c9f0d0tree
parent0cd7ca78a35976956292daf32bf7831e6c18753dcommit | diff
dump_common_audit_data(): fix racy accesses to ->d_name

commit d36a1dd9f77ae1e72da48f4123ed35627848507d upstream.

We are not guaranteed the locking environment that would prevent
dentry getting renamed right under us.  And it's possible for
old long name to be freed after rename, leading to UAF here.

Cc: stable@kernel.org # v2.6.2+
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
security/lsm_audit.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git