]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c46c4af) | patch
dump_common_audit_data(): fix racy accesses to ->d_name
authorAl Viro <viro@zeniv.linux.org.uk>
Tue, 5 Jan 2021 19:43:46 +0000 (14:43 -0500)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Sat, 23 Jan 2021 14:38:17 +0000 (15:38 +0100)
commite8fbf0682f0cbf889822237e57a77be9bfb7ee92
treeba8c2be2983c37834b54fcdc1d91b07061c3aa1dtree | snapshot
parentc46c4af7a12ad509a0cb69ae70bcb8341c3eb98acommit | diff
dump_common_audit_data(): fix racy accesses to ->d_name

commit d36a1dd9f77ae1e72da48f4123ed35627848507d upstream.

We are not guaranteed the locking environment that would prevent
dentry getting renamed right under us.  And it's possible for
old long name to be freed after rename, leading to UAF here.

Cc: stable@kernel.org # v2.6.2+
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
security/lsm_audit.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git