AcoSail/kernel_optimize_test
8
0
Fork 0
forked from luck/tmp_suning_uos_patched
Code Pull Requests Activity
43c8d33ce3
kernel_optimize_test/drivers
History
Jan Beulich 547b7c640d xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() 
commit f63c2c2032c2e3caad9add3b82cc6e91c376fd26 upstream.

The commit referenced below moved the invocation past the "next" label,
without any explanation. In fact this allows misbehaving backends undue
control over the domain the frontend runs in, as earlier detected errors
require the skb to not be freed (it may be retained for later processing
via xennet_move_rx_slot(), or it may simply be unsafe to have it freed).

This is CVE-2022-33743 / XSA-405.

Fixes: 6c5aa6fc4d ("xen networking: add basic XDP support for xen-netfront")
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-07-07 17:52:23 +02:00
..
accessibility speakup-dectlk: Restore pitch setting 2022-02-16 12:54:30 +01:00
acpi ACPI: property: Release subnode properties with data nodes 2022-06-09 10:21:23 +02:00
amba amba: Make the remove callback return void 2022-04-08 14:40:02 +02:00
android binder: fix handling of error during copy 2022-01-27 10:54:06 +01:00
ata ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() 2022-06-22 14:13:14 +02:00
atm atm: eni: Add check for dma_map_single 2022-03-23 09:13:27 +01:00
auxdisplay
base regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips 2022-06-29 08:59:49 +02:00
bcma
block xen/blkfront: force data bouncing when backend is untrusted 2022-07-07 17:52:22 +02:00
bluetooth Bluetooth: hci_qca: Use del_timer_sync() before freeing 2022-06-06 08:42:43 +02:00
bus bus: ti-sysc: Fix warnings for unbind for serial 2022-06-14 18:32:34 +02:00
cdrom
char random: update comment from copy_to_user() -> copy_to_iter() 2022-06-29 08:59:54 +02:00
clk clk: imx8mp: fix usb_root_clk parent 2022-06-22 14:13:20 +02:00
clocksource clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() 2022-06-22 14:13:16 +02:00
connector
counter counter: stm32-lptimer-cnt: remove iio counter abi 2022-01-27 10:54:08 +01:00
cpufreq drivers: cpufreq: Add missing of_node_put() in qoriq-cpufreq.c 2022-07-07 17:52:20 +02:00
cpuidle
crypto crypto: sun8i-ss - handle zero sized sg 2022-06-09 10:21:17 +02:00
dax dax: make sure inodes are flushed before destroy cache 2022-04-08 14:40:16 +02:00
dca
devfreq PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events 2022-07-07 17:52:18 +02:00
dio
dma dmaengine: idxd: add missing callback function to support DMA_INTERRUPT 2022-06-14 18:32:47 +02:00
dma-buf udmabuf: add back sanity check 2022-06-29 08:59:48 +02:00
edac EDAC/dmc520: Don't print an error for each unconfigured interrupt line 2022-06-09 10:21:02 +02:00
eisa
extcon extcon: Modify extcon device to be created after driver data is set 2022-06-14 18:32:43 +02:00
firewire firewire: core: extend card->lock in fw_core_handle_bus_reset 2022-05-12 12:25:32 +02:00
firmware firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle 2022-06-14 18:32:34 +02:00
fpga
fsi fsi: Aspeed: Fix a potential double free 2022-04-08 14:40:23 +02:00
gnss
gpio gpio: winbond: Fix error code in winbond_gpio_get() 2022-06-29 08:59:50 +02:00
gpu drm/amdgpu: To flush tlb for MMHUB of RAVEN series 2022-07-07 17:52:15 +02:00
greybus greybus: svc: fix an error handling bug in gb_svc_hello() 2022-04-08 14:39:50 +02:00
hid HID: elan: Fix potential double free in elan_input_configured 2022-06-09 10:21:02 +02:00
hsi HSI: core: Fix return freed object in hsi_new_client 2022-01-27 10:54:12 +01:00
hv Drivers: hv: vmbus: Release cpu lock in error case 2022-06-22 14:13:16 +02:00
hwmon hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails 2022-07-07 17:52:20 +02:00
hwspinlock
hwtracing coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier 2022-06-14 18:32:32 +02:00
i2c i2c: designware: Use standard optional ref clock implementation 2022-06-22 14:13:18 +02:00
i3c
ide
idle
iio iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client 2022-06-29 08:59:52 +02:00
infiniband RDMA/cm: Fix memory leak in ib_cm_insert_listen 2022-07-07 17:52:17 +02:00
input Input: soc_button_array - also add Lenovo Yoga Tablet2 1051F to dmi_use_low_level_irq 2022-06-22 14:13:14 +02:00
interconnect interconnect: Restore sync state by ignoring ipa-virt in provider count 2022-06-14 18:32:47 +02:00
iommu iommu/arm-smmu-v3: check return value after calling platform_get_resource() 2022-06-14 18:32:38 +02:00
ipack
irqchip irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions 2022-06-22 14:13:18 +02:00
isdn isdn: hfcpci: check the return value of dma_set_mask() in setup_hw() 2022-03-16 14:15:57 +01:00
leds
lightnvm lightnvm: disable the subsystem 2022-05-09 09:04:56 +02:00
macintosh macintosh: via-pmu and via-cuda need RTC_LIB 2022-06-09 10:21:18 +02:00
mailbox mailbox: forward the hrtimer if not queued and under a lock 2022-06-09 10:21:18 +02:00
mcb
md dm raid: fix KASAN warning in raid5_add_disks 2022-07-07 17:52:16 +02:00
media media: coda: Add more H264 levels for CODA960 2022-06-09 10:21:25 +02:00
memory memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings 2022-06-29 08:59:54 +02:00
memstick
message
mfd mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() 2022-06-09 10:21:18 +02:00
misc mei: me: add raptor lake point S DID 2022-06-22 14:13:18 +02:00
mmc mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing 2022-06-29 08:59:45 +02:00
most
mtd mtd: rawnand: gpmi: Fix setting busy timeout setting 2022-06-29 08:59:45 +02:00
mux
net xen-netfront: restore __skb_queue_tail() positioning in xennet_get_responses() 2022-07-07 17:52:23 +02:00
nfc NFC: nxp-nci: Don't issue a zero length i2c_master_read() 2022-07-07 17:52:18 +02:00
ntb ntb: intel: fix port config status offset for SPR 2022-03-08 19:09:32 +01:00
nubus
nvdimm nvdimm: Fix badblocks clear off-by-one error 2022-07-07 17:52:15 +02:00
nvme nvme-pci: add NVME_QUIRK_BOGUS_NID for ADATA XPG SX6000LNP (AKA SPECTRIX S40G) 2022-07-07 17:52:15 +02:00
nvmem nvmem: core: set size for sysfs bin file 2022-01-27 10:54:22 +01:00
of of: overlay: do not break notify on NOTIFY_{OK|STOP} 2022-06-09 10:21:03 +02:00
opp OPP: call of_node_put() on error path in _bandwidth_supported() 2022-06-09 10:21:18 +02:00
oprofile
parisc parisc: Fix CPU affinity for Lasi, WAX and Dino chips 2022-04-13 21:01:03 +02:00
parport
pci Revert "PCI: Make pci_enable_ptm() private" 2022-06-22 14:13:20 +02:00
pcmcia pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards 2022-06-14 18:32:30 +02:00
perf arm_pmu: Validate single/group leader events 2022-04-27 13:53:55 +02:00
phy phy: qcom-qmp: fix pipe-clock imbalance on power-on failure 2022-06-14 18:32:32 +02:00
pinctrl pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() 2022-06-09 10:21:16 +02:00
platform MIPS: Loongson-3: fix compile mips cpu_hwmon as module build error. 2022-06-22 14:13:15 +02:00
pnp
power power: supply: axp288-charger: Set Vhold to 4.4V 2022-04-13 21:00:57 +02:00
powercap
pps
ps3
ptp ptp: replace snprintf with sysfs_emit 2022-04-13 21:00:55 +02:00
pwm pwm: lp3943: Fix duty calculation in case period was clamped 2022-06-14 18:32:31 +02:00
rapidio
ras
regulator regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt 2022-06-09 10:21:07 +02:00
remoteproc remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region 2022-04-08 14:40:26 +02:00
reset reset: tegra-bpmp: Restore Handle errors in BPMP response 2022-04-27 13:53:52 +02:00
rpmsg rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails 2022-06-14 18:32:32 +02:00
rtc rtc: mt6397: check return value after calling platform_get_resource() 2022-06-14 18:32:33 +02:00
s390 s390/lcs: fix variable dereferenced before check 2022-05-18 10:23:44 +02:00
sbus
scsi scsi: scsi_debug: Fix zone transition to full condition 2022-06-29 08:59:46 +02:00
sfi
sh
siox
slimbus slimbus: qcom: Fix IRQ check in qcom_slim_probe 2022-05-18 10:23:47 +02:00
soc soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe 2022-06-29 08:59:54 +02:00
soundwire soundwire: intel: fix wrong register name in intel_shim_wake 2022-04-08 14:40:24 +02:00
spi spi: spi-fsl-qspi: check return value after calling platform_get_resource_byname() 2022-06-09 10:21:06 +02:00
spmi
ssb
staging comedi: vmk80xx: fix expression for tx buffer size 2022-06-22 14:13:18 +02:00
target target: remove an incorrect unmap zeroes data deduction 2022-06-09 10:21:01 +02:00
tc
tee optee: use driver internal tee_context for some rpc 2022-03-02 11:42:47 +01:00
thermal thermal/core: Fix memory leak in the error path 2022-06-09 10:21:30 +02:00
thunderbolt thunderbolt: Runtime PM activate both ends of the device link 2022-01-27 10:54:14 +01:00
tty vt: drop old FONT ioctls 2022-06-29 08:59:44 +02:00
uio
usb usb: chipidea: udc: check request status before setting device address 2022-06-29 08:59:51 +02:00
vdpa vdpasim: allow to enable a vq repeatedly 2022-06-09 10:21:29 +02:00
vfio amba: Make the remove callback return void 2022-04-08 14:40:02 +02:00
vhost vringh: Fix loop descriptors check in the indirect cases 2022-06-14 18:32:45 +02:00
video parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI 2022-06-29 08:59:53 +02:00
virt
virtio virtio-pci: Remove wrong address verification in vp_del_vqs() 2022-06-22 14:13:20 +02:00
visorbus
vlynq
vme
w1 w1: w1_therm: fixes w1_seq for ds28ea00 sensors 2022-04-13 21:01:01 +02:00
watchdog watchdog: wdat_wdt: Stop watchdog when rebooting the system 2022-06-14 18:32:43 +02:00
xen xen/gntdev: Avoid blocking in unmap_grant_pages() 2022-07-07 17:52:20 +02:00
zorro
Kconfig
Makefile