This is a note to let you know that I've just added the patch titled usermodehelper: check subprocess_info->path != NULL to the 3.0-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: usermodehelper-check-subprocess_info-path-null.patch and it can be found in the queue-3.0 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 264b83c07a84223f0efd0d1db9ccc66d6f88288f Mon Sep 17 00:00:00 2001 From: Oleg Nesterov <oleg@xxxxxxxxxx> Date: Thu, 16 May 2013 17:43:55 +0200 Subject: usermodehelper: check subprocess_info->path != NULL From: Oleg Nesterov <oleg@xxxxxxxxxx> commit 264b83c07a84223f0efd0d1db9ccc66d6f88288f upstream. argv_split(empty_or_all_spaces) happily succeeds, it simply returns argc == 0 and argv[0] == NULL. Change call_usermodehelper_exec() to check sub_info->path != NULL to avoid the crash. This is the minimal fix, todo: - perhaps we should change argv_split() to return NULL or change the callers. - kill or justify ->path[0] check - narrow the scope of helper_lock() Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx> Acked-By: Lucas De Marchi <lucas.demarchi@xxxxxxxxx> Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- kernel/kmod.c | 5 +++++ 1 file changed, 5 insertions(+) --- a/kernel/kmod.c +++ b/kernel/kmod.c @@ -421,6 +421,11 @@ int call_usermodehelper_exec(struct subp int retval = 0; helper_lock(); + if (!sub_info->path) { + retval = -EINVAL; + goto out; + } + if (sub_info->path[0] == '\0') goto out; Patches currently in stable-queue which might be from oleg@xxxxxxxxxx are queue-3.0/usermodehelper-check-subprocess_info-path-null.patch -- To unsubscribe from this list: send the line "unsubscribe stable" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html