| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Jan 2017 19:33:41 +0800
From: Zhou Chengming <zhouchengming1@...wei.com>
To: <linux-kernel@...r.kernel.org>, <viro@...iv.linux.org.uk>,
<ebiederm@...ssion.com>, <balbi@...nel.org>
CC: <konishi.ryusuke@....ntt.co.jp>, <jack@...e.cz>,
<dmitry.torokhov@...il.com>, <caiqian@...hat.com>,
<yangshukui@...wei.com>, <guohanjun@...wei.com>,
<dingtianhong@...wei.com>, <lizefan@...wei.com>,
<zhouchengming1@...wei.com>
Subject: [PATCH] Drop reference added by grab_header
Fixes CVE-2016-9191.
Reported-by: CAI Qian <caiqian@...hat.com>
Tested-by: Yang Shukui <yangshukui@...wei.com>
Signed-off-by: Zhou Chengming <zhouchengming1@...wei.com>
---
fs/proc/proc_sysctl.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
index 5d931bf..c4c90bd 100644
--- a/fs/proc/proc_sysctl.c
+++ b/fs/proc/proc_sysctl.c
@@ -718,7 +718,7 @@ static int proc_sys_readdir(struct file *file, struct dir_context *ctx)
ctl_dir = container_of(head, struct ctl_dir, header);
if (!dir_emit_dots(file, ctx))
- return 0;
+ goto out;
pos = 2;
@@ -728,6 +728,7 @@ static int proc_sys_readdir(struct file *file, struct dir_context *ctx)
break;
}
}
+out:
sysctl_head_finish(head);
return 0;
}
--
1.7.7
Powered by blists - more mailing lists