linux

mirror of https://github.com/torvalds/linux synced 2024-10-09 21:05:10 +00:00

History

Lv Yunlong 1c98f57440 ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer Our code analyzer reported a uaf. In snd_emu8000_create_mixer, the callee snd_ctl_add(..,emu->controls[i]) calls snd_ctl_add_replace(.., kcontrol,..). Inside snd_ctl_add_replace(), if error happens, kcontrol will be freed by snd_ctl_free_one(kcontrol). Then emu->controls[i] points to a freed memory, and the execution comes to __error branch of snd_emu8000_create_mixer. The freed emu->controls[i] is used in snd_ctl_remove(card, emu->controls[i]). My patch set emu->controls[i] to NULL if snd_ctl_add() failed to avoid the uaf. Signed-off-by: Lv Yunlong <lyl2019@mail.ustc.edu.cn> Cc: <stable@vger.kernel.org> Link: https://lore.kernel.org/r/20210426131129.4796-1-lyl2019@mail.ustc.edu.cn Signed-off-by: Takashi Iwai <tiwai@suse.de>		2021-04-26 16:23:41 +02:00
..
ac97	ALSA: ac97: Constify static struct attribute_group	2021-01-31 09:49:58 +01:00
aoa	ALSA: Convert strlcpy to strscpy when return value is unused	2021-01-08 09:30:05 +01:00
arm	ARM updates for 5.12-rc1:	2021-02-22 14:27:07 -08:00
atmel	ALSA: atmel: ac97: clarify operator precedence	2020-09-03 09:27:34 +02:00
core	ALSA: control: Fix racy management of user ctl memory size account	2021-04-16 09:57:49 +02:00
drivers	Merge branch 'for-linus' into for-next	2021-04-09 09:57:03 +02:00
firewire	ALSA: control - add generic LED API	2021-03-30 17:42:40 +02:00
hda	ALSA: control - add generic LED API	2021-03-30 17:42:40 +02:00
i2c	ALSA: Convert strlcpy to strscpy when return value is unused	2021-01-08 09:30:05 +01:00
isa	ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer	2021-04-26 16:23:41 +02:00
mips	module: remove never implemented MODULE_SUPPORTED_DEVICE	2021-03-17 13:16:18 -07:00
oss	ALSA: Convert strlcpy to strscpy when return value is unused	2021-01-08 09:30:05 +01:00
parisc
pci	ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops	2021-04-26 13:56:23 +02:00
pcmcia	module: remove never implemented MODULE_SUPPORTED_DEVICE	2021-03-17 13:16:18 -07:00
ppc	ALSA: control - add generic LED API	2021-03-30 17:42:40 +02:00
sh	module: remove never implemented MODULE_SUPPORTED_DEVICE	2021-03-17 13:16:18 -07:00
soc	ASoC: fsl_esai: Fix TDM slot setup for I2S mode	2021-04-02 16:24:16 +01:00
sparc	module: remove never implemented MODULE_SUPPORTED_DEVICE	2021-03-17 13:16:18 -07:00
spi
synth
usb	ALSA: usb-audio: Fix implicit sync clearance at stopping stream	2021-04-26 08:37:05 +02:00
virtio	ALSA: virtio: use module_virtio_driver() to simplify the code	2021-04-12 12:15:34 +02:00
x86	module: remove never implemented MODULE_SUPPORTED_DEVICE	2021-03-17 13:16:18 -07:00
xen	module: remove never implemented MODULE_SUPPORTED_DEVICE	2021-03-17 13:16:18 -07:00
ac97_bus.c
Kconfig	ALSA: virtio: add virtio sound driver	2021-03-07 09:07:16 +01:00
last.c
Makefile	ALSA: virtio: add virtio sound driver	2021-03-07 09:07:16 +01:00
sound_core.c