Re: [PATCH -next] scsi: snic: fix double free in snic_tgt_create()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, 19 Aug 2023 08:39:41 +0000, Zhu Wang wrote:

> The commit 41320b18a0e0 ("scsi: snic: Fix possible memory leak if
> device_add() fails") fix the memory leak caused by dev_set_name() when
> device_add() failed. While it did not consider that 'tgt' has already been
> released when put_device(&tgt->dev) is called. We removed kfree(tgt) in
> the error path to avoid double free 'tgt'. And we moved
> put_device(&tgt->dev) after the removed kfree(tgt) to avoid UAF
> (Use-After-Free).
> 
> [...]

Applied to 6.5/scsi-fixes, thanks!

[1/1] scsi: snic: fix double free in snic_tgt_create()
      https://git.kernel.org/mkp/scsi/c/1bd3a76880b2

-- 
Martin K. Petersen	Oracle Linux Engineering
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [SCSI Target Devel]     [Linux SCSI Target Infrastructure]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Samba]     [Device Mapper]

  Powered by Linux