iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
08fa29d916
linux/fs/proc
History
Sasha Levin 08fa29d916 mm: fix NULL ptr deref when walking hugepages 
A missing validation of the value returned by find_vma() could cause a
NULL ptr dereference when walking the pagetable.

This is triggerable from usermode by a simple user by trying to read a
page info out of /proc/pid/pagemap which doesn't exist.

Introduced by commit 025c5b2451 ("thp: optimize away unnecessary page
table locking").

Signed-off-by: Sasha Levin <levinsasha928@gmail.com>
Reviewed-by: Naoya Horiguchi <n-horiguchi@ah.jp.nec.com>
Cc: David Rientjes <rientjes@google.com>
Cc: Andi Kleen <andi@firstfloor.org>
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Cc: <stable@vger.kernel.org>		[3.4.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2012-05-29 16:22:18 -07:00
..
array.c userns: Convert proc to use kuid/kgid where appropriate 2012-05-15 14:59:28 -07:00
base.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-05-23 17:42:39 -07:00
cmdline.c
consoles.c console: rename acquire/release_console_sem() to console_lock/unlock() 2011-01-26 10:50:06 +10:00
cpuinfo.c
devices.c proc: use seq_puts()/seq_putc() where possible 2011-01-13 08:03:16 -08:00
generic.c switch procfs to umode_t use 2012-01-03 22:54:56 -05:00
inode.c avoid iput() from flusher thread 2012-05-28 09:54:45 -07:00
internal.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/sysctl 2012-03-23 18:08:58 -07:00
interrupts.c
Kconfig kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT 2011-01-20 17:02:05 -08:00
kcore.c fs/proc/kcore.c: make get_sparsemem_vmemmap_info() static 2012-03-23 16:58:42 -07:00
kmsg.c procfs: Use generic_file_llseek in /proc/kmsg 2010-04-09 16:35:41 +02:00
loadavg.c
Makefile ns: proc files for namespace naming policy. 2011-05-10 14:31:44 -07:00
meminfo.c fs/proc/meminfo.c: fix compilation error 2011-12-09 07:50:28 -08:00
mmu.c
namespaces.c fs/proc/namespaces.c: prevent crash when ns_entries[] is empty 2012-03-28 17:14:37 -07:00
nommu.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
page.c pagemap: export KPF_THP 2012-03-21 17:54:57 -07:00
proc_devtree.c of/flattree: Drop an uninteresting message to pr_debug level 2011-03-02 13:45:18 -07:00
proc_net.c switch procfs to umode_t use 2012-01-03 22:54:56 -05:00
proc_sysctl.c userns: Convert sysctl permission checks to use kuid and kgids. 2012-05-15 14:59:28 -07:00
proc_tty.c proc: use seq_puts()/seq_putc() where possible 2011-01-13 08:03:16 -08:00
root.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2012-05-23 17:42:39 -07:00
softirqs.c proc: use seq_puts()/seq_putc() where possible 2011-01-13 08:03:16 -08:00
stat.c proc: stats: Use arch_idle_time for idle and iowait times if available 2012-03-30 15:43:33 +02:00
task_mmu.c mm: fix NULL ptr deref when walking hugepages 2012-05-29 16:22:18 -07:00
task_nommu.c procfs: mark thread stack correctly in proc/<pid>/maps 2012-03-21 17:54:58 -07:00
uptime.c Merge branch 'sched/core' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into cputime-tip 2011-12-19 19:23:15 +01:00
version.c
vmcore.c fadump: Introduce cleanup routine to invalidate /proc/vmcore. 2012-02-23 10:50:02 +11:00