]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph-client.git/commit
projects / ceph-client.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eac3361) | patch
smb: server: fix use-after-free in smb2_open()
authorMarios Makassikis <mmakassikis@freebox.fr>
Tue, 3 Mar 2026 10:14:32 +0000 (11:14 +0100)
committerSteve French <stfrench@microsoft.com>
Mon, 9 Mar 2026 02:28:39 +0000 (21:28 -0500)
commit1e689a56173827669a35da7cb2a3c78ed5c53680
treedcc3cd50eba72c0f2ea9ccca1101a49fc113cdb5tree | snapshot
parenteac3361e3d5dd8067b3258c69615888eb45e9f25commit | diff
smb: server: fix use-after-free in smb2_open()

The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is
dereferenced after rcu_read_unlock(), creating a use-after-free
window.

Cc: stable@vger.kernel.org
Signed-off-by: Marios Makassikis <mmakassikis@freebox.fr>
Acked-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/smb/server/smb2pdu.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.