Re: [PATCH 5.15 6.1] gve: Fix use-after-free vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Jan 30, 2024 at 01:45:07PM -0800, Praveen Kaligineedi wrote:
> From: Bailey Forrest <bcf@xxxxxxxxxx>
> 
> Call skb_shinfo() after gve_prep_tso() on DQO TX path.
> gve_prep_tso() calls skb_cow_head(), which may reallocate
> shinfo causing a use after free.
> 
> This bug was unintentionally fixed by 'a6fb8d5a8b69
> ("gve: Tx path for DQO-QPL")' while adding DQO-QPL format
> support in 6.6. That patch is not appropriate for stable releases.
> 
> Fixes: a57e5de476be ("gve: DQO: Add TX path")
> Signed-off-by: Praveen Kaligineedi <pkaligineedi@xxxxxxxxxx>
> Signed-off-by: Bailey Forrest <bcf@xxxxxxxxxx>
> Reviewed-by: Eric Dumazet <edumazet@xxxxxxxxxx>
> Reviewed-by: Jeroen de Borst <jeroendb@xxxxxxxxxx>
> Reviewed-by: Kevin DeCabooter <decabooter@xxxxxxxxxx>
> ---
>  drivers/net/ethernet/google/gve/gve_tx_dqo.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)

Now queued up, thanks.

greg k-h
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux