git.baikalelectronics.ru Git - kernel.git/commit

af_key: Fix send_acquire race with pfkey_register

[ Upstream commit 4a41c0c27d65e79e1296f5396c3572e03e781853 ]

The function pfkey_send_acquire may race with pfkey_register
(which could even be in a different name space). This may result
in a buffer overrun.

Allocating the maximum amount of memory that could be used prevents
this.

Reported-by: syzbot+1e9af9185d8850e2c2fa@syzkaller.appspotmail.com
Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

author	Herbert Xu <herbert@gondor.apana.org.au>
	Tue, 25 Oct 2022 06:06:48 +0000 (14:06 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 8 Dec 2022 10:22:57 +0000 (11:22 +0100)
commit	450ff11aa59ca04d91efb23a330f01d4f958f3f5
tree	0f38b99d226144eff2579a62bfd60701fe7d61ad	tree \| snapshot
parent	3713f795a719efc7f344a17ff15743da13e9bdc1	commit \| diff