目录
devel-5.10
分支62
标签233
+ 疑修
Web IDE
Ira Weiny
nvdimm/bus: Fix potential use after free in asynchronous initialization


ANBZ: #32865


commit a8aec14230322ed8f1e8042b6d656c1631d41163 upstream.


Dingisoul with KASAN reports a use after free if device_add() fails in
nd_async_device_register().


Commit b6eae0f61db2 (“libnvdimm: Hold reference on parent while
scheduling async init”) correctly added a reference on the parent device
to be held until asynchronous initialization was complete.  However, if
device_add() results in an allocation failure the ref count of the
device drops to 0 prior to the parent pointer being accessed.  Thus
resulting in use after free.


The bug bot AI correctly identified the fix.  Save a reference to the
parent pointer to be used to drop the parent reference regardless of the
outcome of device_add().


Reported-by: Dingisoul dingiso.kernel@gmail.com
Closes: http://lore.kernel.org/8855544b-be9e-4153-aa55-0bc328b13733@gmail.com
Fixes: b6eae0f61db2 (“libnvdimm: Hold reference on parent while scheduling async init”)
Cc: stable@vger.kernel.org
Reviewed-by: Dave Jiang dave.jiang@intel.com
Link: https://patch.msgid.link/20260306-fix-uaf-async-init-v1-1-a28fd7526723@intel.com
Signed-off-by: Ira Weiny ira.weiny@intel.com


Fixes: CVE-2026-31399
Signed-off-by: PatchPilot patchpilot@openanolis.org
Signed-off-by: Ferry Meng mengferry@linux.alibaba.com
Reviewed-by: Xunlei Pang xlpang@linux.alibaba.com
Link: https://gitee.com/anolis/cloud-kernel/pulls/6731
3天前998677次提交
README

Linux kernel

There are several guides for kernel developers and users. These guides can be rendered in a number of formats, like HTML and PDF. Please read Documentation/admin-guide/README.rst first.

In order to build the documentation, use make htmldocs or make pdfdocs. The formatted documentation can also be read online at:

https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory, several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the requirements for building and running the kernel, and information about the problems which may result by upgrading your kernel.

关于

Cloud Kernel 是龙蜥操作系统(Anolis OS)内核,目前已经达到 600 多万部署规模. 它基于Linux社区主线稳定版. 致力于打造更稳定, 更可靠, 更安全, 特性更丰富, 性能更优化的 Linux 系统内核. 为 Anolis OS 以及下游生态合作 OS 发行版提供坚实的内核支持, 更好的支撑和扩展上层业务应用.

操作系统龙蜥
README.md
4.0 GB
邀请码
    Gitlink(确实开源)
  • 加入我们
  • 官网邮箱:gitlink@ccf.org.cn
    • QQ群
  • QQ群
    • 公众号
  • 公众号

版权所有:中国计算机学会技术支持:开源发展技术委员会
京ICP备13000930号-9 京公网安备 11010802032778号