lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Mar 2019 06:12:11 +0000 From: "Yang, Fei" <fei.yang@...el.com> To: Greg KH <gregkh@...uxfoundation.org> CC: "balbi@...nel.org" <balbi@...nel.org>, "andrzej.p@...labora.com" <andrzej.p@...labora.com>, "plr.vincent@...il.com" <plr.vincent@...il.com>, "Shen, JingX" <jingx.shen@...el.com>, "john.stultz@...aro.org" <john.stultz@...aro.org>, "linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: RE: [PATCH v3] usb: gadget: f_fs: don't free buffer prematurely >> The following kernel panic happens due to the io_data buffer gets >> deallocated before the async io is completed. Add a check for the case >> where io_data buffer should be deallocated by ffs_user_copy_worker. >> >> [ 41.663334] BUG: unable to handle kernel NULL pointer dereference at 0000000000000048 >> >> Fixes: 772a7a724f6 ("usb: gadget: f_fs: Allow scatter-gather buffers") >> Signed-off-by: Fei Yang <fei.yang@...el.com> >> Reviewed-by: Manu Gautam <mgautam@...eaurora.org> >> Tested-by: John Stultz <john.stultz@...aro.org> >> --- >> v2: add tag: "Fixes: 772a7a724f6 ......", Reviewed-by and Tested-by. >> v3: check data for NULL instead of "ret == -EIOCBQUEUED", which would be safer >> and keep the original logic intact. > > If it "fixes" a problem in 5.0, we should add a: > Cc: stable <stable@...r.kernel.org> > to it as well. Sent [PATCH v4] with Cc: stable > thanks, > > greg k-h
Powered by blists - more mailing lists