lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 15 Aug 2022 10:32:13 +0300
From:   Nikolay Aleksandrov <razor@...ckwall.org>
To:     Zhengchao Shao <shaozhengchao@...wei.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org, davem@...emloft.net,
        edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com
Cc:     idosch@...dia.com, petrm@...dia.com, florent.fourcot@...irst.fr,
        weiyongjun1@...wei.com, yuehaibing@...wei.com
Subject: Re: [PATCH net-next] net: rtnetlink: fix module reference count leak
 issue in rtnetlink_rcv_msg

On 15/08/2022 08:44, Nikolay Aleksandrov wrote:
> On 15/08/2022 05:46, Zhengchao Shao wrote:
>> When bulk delete command is received in the rtnetlink_rcv_msg function,
>> if bulk delete is not supported, module_put is not called to release
>> the reference counting. As a result, module reference count is leaked.
>>
>> Fixes: a6cec0bcd342("net: rtnetlink: add bulk delete support flag")
>> Signed-off-by: Zhengchao Shao <shaozhengchao@...wei.com>
>> ---
>>  net/core/rtnetlink.c | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
>> index ac45328607f7..4b5b15c684ed 100644
>> --- a/net/core/rtnetlink.c
>> +++ b/net/core/rtnetlink.c
>> @@ -6070,6 +6070,7 @@ static int rtnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
>>  	if (kind == RTNL_KIND_DEL && (nlh->nlmsg_flags & NLM_F_BULK) &&
>>  	    !(flags & RTNL_FLAG_BULK_DEL_SUPPORTED)) {
>>  		NL_SET_ERR_MSG(extack, "Bulk delete is not supported");
>> +		module_put(owner);
>>  		goto err_unlock;
>>  	}
>>  
> 
> Oops, thanks.
> Acked-by: Nikolay Aleksandrov <razor@...ckwall.org>

By the way I think this should be targeted at -net,
I didn't notice the net-next tag earlier.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ