| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Oct 2016 16:44:03 +0300
From: Alexey Dobriyan <adobriyan@...il.com>
To: Linux Kernel <linux-kernel@...r.kernel.org>
Cc: chianglungyu@...il.com, Janis Danisevskis <jdanis@...gle.com>,
John Stultz <john.stultz@...aro.org>,
Kees Cook <keescook@...omium.org>,
Mateusz Guzik <mguzik@...hat.com>, mhocko@...e.com,
Oleg Nesterov <oleg@...hat.com>,
Al Viro <viro@...iv.linux.org.uk>, mm-commits@...r.kernel.org
Subject: Re: + proc-fix-null-dereference-when-reading-proc-pid-auxv.patch
added to -mm tree
On Fri, Oct 21, 2016 at 6:13 AM, <akpm@...ux-foundation.org> wrote:
> Reading auxv of any kernel thread results in NULL pointer dereferencing in
> auxv_read() where mm can be NULL. Fix that by checking for NULL mm and
> bailing out early. This is also the original behavior changed by recent
> commit c5317167854e ("proc: switch auxv to use of __mem_open()").
> --- a/fs/proc/base.c~proc-fix-null-dereference-when-reading-proc-pid-auxv
> +++ a/fs/proc/base.c
> @@ -1014,6 +1014,9 @@ static ssize_t auxv_read(struct file *fi
> {
> struct mm_struct *mm = file->private_data;
> unsigned int nwords = 0;
> +
> + if (!mm)
> + return 0;
Rhetorical question: who wrote such clever __mem_open() ?
Powered by blists - more mailing lists