It better to validate uid info which is from userspace. Signed-off-by: Chengguang Xu <cgxu519@xxxxxxx> --- block/ioprio.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/block/ioprio.c b/block/ioprio.c index f9821080c92c..b59397662da6 100644 --- a/block/ioprio.c +++ b/block/ioprio.c @@ -218,6 +218,8 @@ SYSCALL_DEFINE2(ioprio_get, int, which, int, who) break; case IOPRIO_WHO_USER: uid = make_kuid(current_user_ns(), who); + if (!uid_valid(uid)) + break; if (!who) user = current_user(); else -- 2.17.2