linux

mirror of https://github.com/hardkernel/linux.git synced 2026-06-05 02:21:52 +09:00

Go to file

Acs, Jakub 7400fa1729 block, bfq: fix re-introduced UAF in bic_set_bfqq()

Commit eca0025faa ("block, bfq: split sync bfq_queues on a
per-actuator basis"), which is a backport of 9778369a2d ("block,
bfq: split sync bfq_queues on a per-actuator basis") re-introduces UAF
bug originally fixed by b600de2d7d ("block, bfq: fix uaf for bfqq in
bic_set_bfqq()") and backported to 6.1 in cb1876fc33 ("block, bfq:
fix uaf for bfqq in bic_set_bfqq()").

bfq_release_process_ref() may release the sync_bfqq variable, which
points to the same bfqq as bic->bfqq member for call context from
__bfq_bic_change_cgroup(). bic_set_bfqq() then accesses bic->bfqq member
which leads to the UAF condition.

Fix this by bringing the incriminated function calls back in correct
order.

Fixes: eca0025faa ("block, bfq: split sync bfq_queues on a per-actuator basis")
Signed-off-by: Jakub Acs <acsjakub@amazon.de>
Cc: Hagar Hemdan <hagarhem@amazon.com>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

2025-03-28 21:59:02 +01:00

arch

arm64: dts: rockchip: fix u2phy1_host status for NanoPi R4S

2025-03-28 21:59:02 +01:00

block

block, bfq: fix re-introduced UAF in bic_set_bfqq()

2025-03-28 21:59:02 +01:00

certs

certs: Fix build error when PKCS#11 URI contains semicolon

2023-02-09 11:28:11 +01:00

crypto

crypto: api - Add crypto_clone_tfm

2024-12-14 19:53:51 +01:00

Documentation

sched/isolation: Prevent boot crash when the boot CPU is nohz_full

2025-03-28 21:58:48 +01:00

drivers

wifi: iwlwifi: mvm: ensure offloading TID queue exists

2025-03-28 21:59:02 +01:00

fs/ntfs3: Change new sparse cluster processing

2025-03-28 21:59:02 +01:00

include

proc: fix UAF in proc_get_inode()

2025-03-28 21:59:01 +01:00

init

rust: Disallow BTF generation with Rust + LTO

2025-03-28 21:58:57 +01:00

io_uring

io_uring: fix corner case forgetting to vunmap

2025-03-28 21:58:53 +01:00

ipc

ipc: fix memleak if msg_init_ns failed in create_ipc_ns

2024-12-14 19:54:06 +01:00

kernel

sched: Clarify wake_up_q()'s write to task->wake_q.next

2025-03-28 21:58:51 +01:00

lib

lib/buildid: Handle memfd_secret() files in build_id_parse()

2025-03-28 21:58:57 +01:00

LICENSES

LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers

2021-12-16 14:33:10 +01:00

mm/migrate: fix shmem xarray update during migration

2025-03-28 21:59:02 +01:00

net

netfilter: nft_counter: Use u64_stats_t for statistic.

2025-03-28 21:59:01 +01:00

rust

scripts: generate_rust_analyzer: provide cfgs for core and alloc

2025-03-28 21:58:57 +01:00

samples

samples/landlock: Fix possible NULL dereference in parse_path()

2025-02-21 13:49:03 +01:00

scripts

scripts: generate_rust_analyzer: add missing macros deps

2025-03-28 21:58:58 +01:00

security

tomoyo: don't emit warning in tomoyo_write_control()

2025-02-21 13:49:31 +01:00

sound

ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe()

2025-03-28 21:58:57 +01:00

tools

selftests: rtnetlink: update netdevsim ipsec output format

2025-02-21 13:50:11 +01:00

usr

usr/gen_init_cpio.c: remove unnecessary -1 values from int file

2022-10-03 14:21:44 -07:00

virt

KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()

2024-06-27 13:46:21 +02:00

.clang-format

inet: ping: use hlist_nulls rcu iterator during lookup

2022-12-01 12:42:46 +01:00

.cocciconfig

scripts: add Linux .cocciconfig for coccinelle

2016-07-22 12:13:39 +02:00

.get_maintainer.ignore

get_maintainer: add Alan to .get_maintainer.ignore

2022-08-20 15:17:44 -07:00

.gitattributes

.gitattributes: use 'dts' diff driver for dts files

2019-12-04 19:44:11 -08:00

.gitignore

Remove *.orig pattern from .gitignore

2024-10-17 15:21:15 +02:00

.mailmap

Merge tag 'mm-hotfixes-stable-2022-12-10-1' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm

2022-12-10 17:10:52 -08:00

.rustfmt.toml

rust: add .rustfmt.toml

2022-09-28 09:02:20 +02:00

COPYING

COPYING: state that all contributions really are covered by this file

2020-02-10 13:32:20 -08:00

CREDITS

MAINTAINERS: Remove Michal Marek from Kbuild maintainers

2022-11-16 14:53:00 +09:00

Kbuild

Merge tag 'kbuild-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2022-10-10 12:00:45 -07:00

Kconfig

kbuild: ensure full rebuild when the compiler is updated

2020-05-12 13:28:33 +09:00

MAINTAINERS

MAINTAINERS: add leah to 6.1 MAINTAINERS file

2024-05-17 11:56:16 +02:00

Makefile

scripts: make rust-analyzer for out-of-tree modules

2025-03-28 21:58:57 +01:00

README

Drop all 00-INDEX files from Documentation/

2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.