vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

During loopback communication, a dangling pointer can be created in
vsk->trans, potentially leading to a Use-After-Free condition. This
issue is resolved by initializing vsk->trans to NULL.

Cc: stable <stable@kernel.org>
Fixes: 06a8fc78367d ("VSOCK: Introduce virtio_vsock_common.ko")
Signed-off-by: Hyunwoo Kim <v4bel@theori.io>
Signed-off-by: Wongi Lee <qwerty@theori.io>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Message-Id: <2024102245-strive-crib-c8d3@gregkh>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

authored by

Hyunwoo Kim and committed by

Michael S. Tsirkin 2 years ago 6ca57537 59b723cd

1 changed file

expand all

net

vmw_vsock

virtio_transport_common.c

net/vmw_vsock/virtio_transport_common.c

··· 1109 1109 struct virtio_vsock_sock *vvs = vsk->trans; 1110 1110 1111 1111 kfree(vvs); 1112 + vsk->trans = NULL; 1112 1113 } 1113 1114 EXPORT_SYMBOL_GPL(virtio_transport_destruct); 1114 1115

Configure Feed

Configure Feed