Vladislav Efanov 32c2c234bc batman-adv: Broken sync while rescheduling delayed work
commit abac3ac97f upstream.

Syzkaller got a lot of crashes like:
KASAN: use-after-free Write in *_timers*

All of these crashes point to the same memory area:

The buggy address belongs to the object at ffff88801f870000
 which belongs to the cache kmalloc-8k of size 8192
The buggy address is located 5320 bytes inside of
 8192-byte region [ffff88801f870000, ffff88801f872000)

This area belongs to:
        batadv_priv->batadv_priv_dat->delayed_work->timer_list

The reason for these issues is the lack of synchronization. Delayed
work (batadv_dat_purge) schedules a new timer/work while the device
is being deleted. As a result, a new timer/delayed work is set after
cancel_delayed_work_sync() was called. So after the device is freed
the timer list contains a pointer to already freed memory.

Found by Linux Verification Center (linuxtesting.org) with syzkaller.

Cc: stable@kernel.org
Fixes: 2f1dfbe185 ("batman-adv: Distributed ARP Table - implement local storage")
Signed-off-by: Vladislav Efanov <VEfanov@ispras.ru>
Acked-by: Sven Eckelmann <sven@narfation.org>
Signed-off-by: Simon Wunderlich <sw@simonwunderlich.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-14 11:15:23 +02:00
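The following is an added user-space model of the ordering described in the commit message, not code from the kernel or from the batman-adv patch: a work item embedded in a device object re-arms itself, teardown cancels it, and the in-flight callback re-arms it anyway, so the global pending list keeps pointing into memory that is then freed. The `stopping` flag is a hypothetical way to make the work stop re-arming once teardown has begun; the actual upstream change is not shown on this page.

```c
#include <stdbool.h>
#include <stdlib.h>
/* Constructed user-space model (not kernel code); names mirror the kernel API. */
struct delayed_work {
    struct delayed_work *next;         /* link in the global pending list ("timer list") */
    void (*fn)(struct delayed_work *);
    bool pending;
};
struct dev_priv {                      /* stands in for batadv_priv */
    struct delayed_work work;          /* stands in for dat.work; first member so a cast works */
    bool stopping;                     /* hypothetical flag used by the fixed variant */
};
static struct delayed_work *pending_head;
static void queue_delayed_work(struct delayed_work *w) {
    if (w->pending) return;
    w->pending = true; w->next = pending_head; pending_head = w;
}
/* Unlinks w if pending; it cannot undo a re-arm that happens after it returns. */
static void cancel_delayed_work_sync(struct delayed_work *w) {
    for (struct delayed_work **pp = &pending_head; *pp; pp = &(*pp)->next)
        if (*pp == w) { *pp = w->next; w->pending = false; return; }
}
/* True if the pending list still points into the object [obj, obj + size). */
static bool pending_list_references(const void *obj, size_t size) {
    for (struct delayed_work *w = pending_head; w; w = w->next)
        if ((const char *)w >= (const char *)obj && (const char *)w < (const char *)obj + size)
            return true;
    return false;
}
/* The purge work: like batadv_dat_purge it re-arms itself when done. */
static void purge(struct delayed_work *w) {
    struct dev_priv *priv = (struct dev_priv *)w;
    if (!priv->stopping)               /* fixed variant: no re-arm once teardown began */
        queue_delayed_work(w);
}
/* Teardown racing with an in-flight purge: the worker already dequeued the item when
 * cancel runs and the callback re-arms afterwards. Returns whether the list dangles. */
static bool teardown_leaves_dangling(bool fixed) {
    struct dev_priv *priv = calloc(1, sizeof *priv); priv->work.fn = purge;
    queue_delayed_work(&priv->work);              /* armed at device init */
    struct delayed_work *running = pending_head;  /* timer fires: worker takes the item */
    pending_head = running->next; running->pending = false;
    if (fixed) priv->stopping = true;             /* announce teardown before cancelling */
    cancel_delayed_work_sync(&priv->work);        /* nothing pending, so no effect */
    running->fn(running);                         /* in-flight callback completes */
    bool dangling = pending_list_references(priv, sizeof *priv);
    pending_head = NULL; free(priv);              /* reset model state, then free the device */
    return dangling;
}
```

Calling `teardown_leaves_dangling(false)` reproduces the stale pointer the KASAN report describes; `teardown_leaves_dangling(true)` shows that refusing to re-arm once teardown has started leaves the list clean.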

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.