summaryrefslogtreecommitdiffstats
path: root/init
diff options
context:
space:
mode:
authorMing Lei <ming.lei@canonical.com>2013-06-15 10:36:38 +0200
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2013-06-18 19:41:55 +0200
commit875979368eb4cfecff9f0e97625b90cc6009269d (patch)
treee10845e63381a741f60465d808d9b39f18217c6f /init
parentLinux 3.10-rc6 (diff)
downloadlinux-875979368eb4cfecff9f0e97625b90cc6009269d.tar.xz
linux-875979368eb4cfecff9f0e97625b90cc6009269d.zip
firmware loader: fix use-after-free by double abort
fw_priv->buf is accessed in both request_firmware_load() and writing to sysfs file of 'loading' context, but not protected by 'fw_lock' entirely. The patch makes sure that access on 'fw_priv->buf' is protected by the lock. So fixes the double abort problem reported by nirinA raseliarison: http://lkml.org/lkml/2013/6/14/188 Reported-and-tested-by: nirinA raseliarison <nirina.raseliarison@gmail.com> Cc: Guenter Roeck <linux@roeck-us.net> Cc: Bjorn Helgaas <bhelgaas@google.com> Cc: stable <stable@vger.kernel.org> # 3.9 Signed-off-by: Ming Lei <ming.lei@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'init')
0 files changed, 0 insertions, 0 deletions