diff options
author | Takashi Iwai <tiwai@suse.de> | 2019-04-09 17:35:22 +0200 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-06-19 08:18:01 +0200 |
commit | b52fd8af8db3a099af4f93126a4c9c5459fb64b4 (patch) | |
tree | d2efb83d4631d2dc02961bb4cdb8dd3c48e6eef9 /crypto/rsapubkey.asn1 | |
parent | 82055ad3d3edf372e85d67e4e0db098c254b180f (diff) | |
download | linux-rpi3-b52fd8af8db3a099af4f93126a4c9c5459fb64b4.tar.gz linux-rpi3-b52fd8af8db3a099af4f93126a4c9c5459fb64b4.tar.bz2 linux-rpi3-b52fd8af8db3a099af4f93126a4c9c5459fb64b4.zip |
ALSA: seq: Protect in-kernel ioctl calls with mutex
[ Upstream commit feb689025fbb6f0aa6297d3ddf97de945ea4ad32 ]
ALSA OSS sequencer calls the ioctl function indirectly via
snd_seq_kernel_client_ctl(). While we already applied the protection
against races between the normal ioctls and writes via the client's
ioctl_mutex, this code path was left untouched. And this seems to be
the cause of still remaining some rare UAF as spontaneously triggered
by syzkaller.
For the sake of robustness, wrap the ioctl_mutex also for the call via
snd_seq_kernel_client_ctl(), too.
Reported-by: syzbot+e4c8abb920efa77bace9@syzkaller.appspotmail.com
Signed-off-by: Takashi Iwai <tiwai@suse.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'crypto/rsapubkey.asn1')
0 files changed, 0 insertions, 0 deletions