UPSTREAM: scsi: scsi_debug: Fix possible UAF in sdebug_add_host_helper()
[ Upstream commit e208a1d7 ] If device_register() fails in sdebug_add_host_helper(), it will goto clean and sdbg_host will be freed, but sdbg_host->host_list will not be removed from sdebug_host_list, then list traversal may cause UAF. Fix it. Bug: 269124154 Fixes: 1da177e4 ("Linux-2.6.12-rc2") Signed-off-by:Yuan Can <yuancan@huawei.com> Link: https://lore.kernel.org/r/20221117084421.58918-1-yuancan@huawei.com Acked-by:
Douglas Gilbert <dgilbert@interlog.com> Signed-off-by:
Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by:
Sasha Levin <sashal@kernel.org> Signed-off-by:
Lee Jones <joneslee@google.com> Change-Id: If72cff6460dede7d9aefc442e480e8b913d3e095
Loading
Please sign in to comment