Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-12-28 16:56:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-6.12.y
linux-stable/net
History
Jeremy Kerr b2b4eddf2f net: mctp: handle skb cleanup on sock_queue failures 
commit ce1219c3f7 upstream.

Currently, we don't use the return value from sock_queue_rcv_skb, which
means we may leak skbs if a message is not successfully queued to a
socket.

Instead, ensure that we're freeing the skb where the sock hasn't
otherwise taken ownership of the skb by adding checks on the
sock_queue_rcv_skb() to invoke a kfree on failure.

In doing so, rather than using the 'rc' value to trigger the
kfree_skb(), use the skb pointer itself, which is more explicit.

Also, add a kunit test for the sock delivery failure cases.

Fixes: 4a992bbd36 ("mctp: Implement message fragmentation & reassembly")
Cc: stable@vger.kernel.org
Signed-off-by: Jeremy Kerr <jk@codeconstruct.com.au>
Link: https://patch.msgid.link/20241218-mctp-next-v2-1-1c1729645eaa@codeconstruct.com.au
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-12-27 14:02:07 +01:00
..
6lowpan ipv6: eliminate ndisc_ops_is_useropt() 2024-08-12 17:23:57 -07:00
9p 9p/xen: fix release of IRQ 2024-12-05 14:03:06 +01:00
802 move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
8021q netdev_features: remove NETIF_F_ALL_FCOE 2024-09-03 11:36:43 +02:00
appletalk Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-05-09 10:01:01 -07:00
atm atm: clean up a put_user() calls 2024-06-14 19:08:50 -07:00
ax25 ax25: Replace kfree() in ax25_dev_free() with ax25_dev_put() 2024-06-01 15:49:42 -07:00
batman-adv batman-adv: Do not let TT changes list grows indefinitely 2024-12-19 18:13:11 +01:00
bluetooth Bluetooth: iso: Fix circular lock in iso_conn_big_sync 2024-12-19 18:13:21 +01:00
bpf bpf, test_run: Fix LIVE_FRAME frame update after a page has been recycled 2024-10-31 16:15:21 +01:00
bridge bridge: Handle error of rtnl_register_module(). 2024-10-10 15:39:35 +02:00
caif move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
can net: af_can: do not leave a dangling sk pointer in can_create() 2024-12-14 20:03:47 +01:00
ceph libceph: use min() to simplify code in ceph_dns_resolve_name() 2024-08-27 09:30:16 +02:00
core netdev-genl: avoid empty messages in queue dump 2024-12-27 14:02:05 +01:00
dcb
dccp dccp: Fix memory leak in dccp_feat_change_recv 2024-12-14 20:03:05 +01:00
devlink devlink: Constify the 'table_ops' parameter of devl_dpipe_table_register() 2024-06-05 10:24:57 +01:00
dns_resolver
dsa net: dsa: restore dsa_software_vlan_untag() ability to operate on VLAN-untagged traffic 2024-12-27 14:02:05 +01:00
ethernet netkit: Fix pkt_type override upon netkit pass verdict 2024-05-25 10:48:57 -07:00
ethtool ethtool: Fix wrong mod state in case of verbose and no_mask bitset 2024-12-14 20:03:08 +01:00
handshake net/handshake: use sockfd_put() helper 2024-08-27 16:09:25 -07:00
hsr net: hsr: must allocate more bytes for RedBox support 2024-12-14 20:03:06 +01:00
ieee802154 net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() 2024-12-14 20:03:47 +01:00
ife
ipv4 tcp: check space before adding MPTCP SYN options 2024-12-19 18:12:59 +01:00
ipv6 net/tcp: Add missing lockdep annotations for TCP-AO hlist traversals 2024-12-14 20:03:53 +01:00
iucv s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() 2024-12-05 14:02:31 +01:00
kcm kcm: Serialise kcm_sendmsg() for the same socket. 2024-08-19 18:36:12 -07:00
key net: fill in MODULE_DESCRIPTION()s for af_key 2024-02-09 14:12:01 -08:00
l2tp net/l2tp: fix warning in l2tp_exit_net found by syzbot 2024-12-05 14:02:31 +01:00
l3mdev
lapb
llc llc: Improve setsockopt() handling of malformed user input 2024-12-05 14:02:35 +01:00
mac80211 wifi: mac80211: fix station NSS capability initialization order 2024-12-19 18:13:11 +01:00
mac802154 Including fixes from ieee802154, bluetooth and netfilter. 2024-10-03 09:44:00 -07:00
mctp net: mctp: handle skb cleanup on sock_queue failures 2024-12-27 14:02:07 +01:00
mpls mpls: Handle error of rtnl_register_module(). 2024-10-10 15:39:35 +02:00
mptcp mptcp: fix possible integer overflow in mptcp_reset_tout_timer 2024-12-14 20:03:55 +01:00
ncsi net/ncsi: Disable the ncsi work before freeing the associated structure 2024-10-03 10:14:14 +02:00
netfilter netfilter: ipset: Fix for recursive locking warning 2024-12-27 14:02:05 +01:00
netlabel netlabel: fix RCU annotation for IPv4 options on socket creation 2024-05-13 14:58:12 -07:00
netlink netlink: fix false positive warning in extack during dumps 2024-12-05 14:02:31 +01:00
netrom net/netrom: prefer strscpy over strcpy 2024-08-29 12:33:07 -07:00
nfc Quite smaller than usual. Notably it includes the fix for the unix 2024-05-23 12:49:37 -07:00
nsh nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). 2024-04-26 12:20:01 +02:00
openvswitch netdev_features: convert NETIF_F_NETNS_LOCAL to dev->netns_local 2024-09-03 11:36:43 +02:00
packet af_packet: avoid erroring out after sock_init_data() in packet_create() 2024-12-14 20:03:47 +01:00
phonet phonet: Handle error of rtnl_register_module(). 2024-10-10 15:39:36 +02:00
psample psample: adjust size if rate_as_probability is set 2024-12-27 14:02:06 +01:00
qrtr net: qrtr: Update packets cloning when broadcasting 2024-09-24 10:48:16 +02:00
rds net: rds: add option for GCOV profiling 2024-08-09 13:18:46 +01:00
rfkill net: rfkill: gpio: Add check for clk_enable() 2024-12-05 14:01:57 +01:00
rose net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
rxrpc rxrpc: Improve setsockopt() handling of malformed user input 2024-12-05 14:02:35 +01:00
sched net: sched: fix ordering of qlen adjustment 2024-12-27 14:01:57 +01:00
sctp sctp: fix possible UAF in sctp_v6_available() 2024-11-09 09:15:04 -08:00
smc net/smc: check return value of sock_recvmsg when draining clc data 2024-12-27 14:02:02 +01:00
strparser
sunrpc sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket 2024-12-05 14:03:09 +01:00
switchdev net: bridge: switchdev: Improve error message for port_obj_add/del functions 2024-05-08 12:19:12 +01:00
tipc tipc: fix NULL deref in cleanup_bearer() 2024-12-19 18:13:12 +01:00
tls move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
unix splice: do not checksum AF_UNIX sockets 2024-12-19 18:12:59 +01:00
vmw_vsock bpf, vsock: Invoke proto::close on close() 2024-12-14 20:03:14 +01:00
wireless wifi: cfg80211: sme: init n_channels before channels[] access 2024-12-19 18:13:12 +01:00
x25 net: change proto and proto_ops accept type 2024-05-13 18:19:09 -06:00
xdp xsk: fix OOB map writes when deleting elements 2024-12-14 20:03:31 +01:00
xfrm ipsec-2024-10-22 2024-10-24 11:11:33 +02:00
compat.c
devres.c
Kconfig memory-provider: disable building dmabuf mp on !CONFIG_PAGE_POOL 2024-09-13 11:41:45 -07:00
Kconfig.debug
Makefile af_unix: Remove CONFIG_UNIX_SCM. 2024-01-31 16:41:16 -08:00
socket.c net: explicitly clear the sk pointer, when pf->create fails 2024-10-07 16:21:59 -07:00
sysctl_net.c sysctl: Remove check for sentinel element in ctl_table arrays 2024-06-13 10:50:52 +02:00