binfmt_elf: Take the mmap lock when walking the VMA list
I'm not sure if the VMA list can change under us, but dump_vma_snapshot()
is very careful to take the mmap_lock in write mode. We only need to
take it in read mode here as we do not care if the size of the stack
VMA changes underneath us.
If it can be changed underneath us, this is a potential use-after-free
for a multithreaded process which is dumping core.
Fixes: 2aa362c49c31 ("coredump: extend core dump note section to contain file names of mapped files") Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Reviewed-by: Liam R. Howlett <Liam.Howlett@Oracle.com>
projects / users / jedix / linux-maple.git / commit