This is a note to let you know that I've just added the patch titled
fs/smb/client: Reset password pointer to NULL
to the 6.1-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
fs-smb-client-reset-password-pointer-to-null.patch
and it can be found in the queue-6.1 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From e6e43b8aa7cd3c3af686caf0c2e11819a886d705 Mon Sep 17 00:00:00 2001
From: Quang Le <quanglex97@xxxxxxxxx>
Date: Fri, 29 Sep 2023 00:44:13 +0700
Subject: fs/smb/client: Reset password pointer to NULL
From: Quang Le <quanglex97@xxxxxxxxx>
commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705 upstream.
Forget to reset ctx->password to NULL will lead to bug like double free
Cc: stable@xxxxxxxxxxxxxxx
Cc: Willy Tarreau <w@xxxxxx>
Reviewed-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Signed-off-by: Quang Le <quanglex97@xxxxxxxxx>
Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
fs/smb/client/fs_context.c | 1 +
1 file changed, 1 insertion(+)
--- a/fs/smb/client/fs_context.c
+++ b/fs/smb/client/fs_context.c
@@ -1487,6 +1487,7 @@ static int smb3_fs_context_parse_param(s
cifs_parse_mount_err:
kfree_sensitive(ctx->password);
+ ctx->password = NULL;
return -EINVAL;
}
Patches currently in stable-queue which might be from quanglex97@xxxxxxxxx are
queue-6.1/fs-smb-client-reset-password-pointer-to-null.patch
