From: Marc Kleine-Budde Date: Mon, 5 Jun 2023 06:27:23 +0000 (+0200) Subject: Merge patch series "can: j1939: avoid possible use-after-free when j1939_can_rx_regis... X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=628f725d3b090fadcc3735aaf4332e778335188e;p=users%2Fhch%2Fblock.git Merge patch series "can: j1939: avoid possible use-after-free when j1939_can_rx_register fails" Fedor Pchelkin says: The patch series fixes a possible racy use-after-free scenario described in 2/2: if j1939_can_rx_register() fails then the concurrent thread may have already read the invalid priv structure. The 1/2 makes j1939_netdev_lock a mutex so that access to j1939_can_rx_register() can be serialized without changing GFP_KERNEL to GFP_ATOMIC inside can_rx_register(). This seems to be safe. Note that the patch series has been tested only via Syzkaller and not with a real device. Link: https://lore.kernel.org/r/20230526171910.227615-1-pchelkin@ispras.ru Signed-off-by: Marc Kleine-Budde --- 628f725d3b090fadcc3735aaf4332e778335188e