Takashi Iwai <tiwai@xxxxxxx> writes:
> This patch is an attempt for further hardening against races between
> the concurrent write and ioctls. The previous fix d15d662e89fc
> ("ALSA: seq: Fix racy pool initializations") covered the race of the
> pool initialization at writer and the pool resize ioctl by the
> client->ioctl_mutex (CVE-2018-1000004). However, basically this mutex
> should be applied more widely to the whole write operation for
> avoiding the unexpected pool operations by another thread.
>
> The only change outside snd_seq_write() is the additional mutex
> argument to helper functions, so that we can unlock / relock the given
> mutex temporarily during schedule() call for blocking write.
>
> Fixes: d15d662e89fc ("ALSA: seq: Fix racy pool initializations")
> Reported-by: 范龙飞 <long7573@xxxxxxx>
> Reported-by: Nicolai Stange <nstange@xxxxxxx>
> Cc: <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Takashi Iwai <tiwai@xxxxxxx>
> ---
Reviewed-and-tested-by: Nicolai Stange <nstange@xxxxxxx>
--
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton,
HRB 21284 (AG Nürnberg)
_______________________________________________
Alsa-devel mailing list
Alsa-devel@xxxxxxxxxxxxxxxx
http://mailman.alsa-project.org/mailman/listinfo/alsa-devel
