linux-yocto/drivers/char
Dan Carpenter cbc1670297 ipmi:msghandler: Fix potential memory corruption in ipmi_create_user()
commit fa332f5dc6 upstream.

The "intf" list iterator is an invalid pointer if the correct
"intf->intf_num" is not found.  Calling atomic_dec(&intf->nr_users) on
an invalid pointer will lead to memory corruption.

We don't really need to call atomic_dec() if we haven't called
atomic_add_return() so update the if (intf->in_shutdown) path as well.

Fixes: 8e76741c3d ("ipmi: Add a limit on the number of users that may use IPMI")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Message-ID: <aBjMZ8RYrOt6NOgi@stanley.mountain>
Signed-off-by: Corey Minyard <corey@minyard.net>
[ - Dropped change to the `if (intf->in_shutdown)` block since that logic
    doesn't exist yet.
  - Modified out_unlock to release the srcu lock instead of the mutex
    since we don't have the mutex here yet. ]
Signed-off-by: Brendan Jackman <jackmanb@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-07-17 18:32:07 +02:00
..
agp
hw_random hwrng: cctrng - Add missing clk_disable_unprepare in cctrng_resume 2024-10-17 15:21:23 +02:00
ipmi ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() 2025-07-17 18:32:07 +02:00
mwave
pcmcia
tpm tpm: tis: Double the timeout B to 4s 2025-05-22 14:10:00 +02:00
xilinx_hwicap
xillybus char: xillybus: Fix trivial bug with mutex 2024-11-22 15:37:35 +01:00
adi.c
apm-emulation.c
applicom.c
applicom.h
bsr.c
ds1620.c
dsp56k.c
dtlk.c
hangcheck-timer.c
hpet.c hpet: Support 32-bit userspace 2024-07-18 13:18:39 +02:00
Kconfig
lp.c
Makefile
mem.c
misc.c
mspec.c
nsc_gpio.c
nvram.c
nwbutton.c
nwbutton.h
nwflash.c
pc8736x_gpio.c
powernv-op-panel.c
ppdev.c ppdev: Add an error check in register_device 2024-06-12 11:03:40 +02:00
ps3flash.c
random.c random: handle creditable entropy from atomic process context 2024-04-27 17:07:04 +02:00
scx200_gpio.c
sonypi.c
tlclk.c
toshiba.c
ttyprintk.c
uv_mmtimer.c
virtio_console.c virtio_console: fix missing byte order handling for cols and rows 2025-05-02 07:46:56 +02:00