iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net/core
History
Pratyush Yadav 58766252f6 net: fix skb leak in __skb_tstamp_tx() 
commit 8a02fb71d7192ff1a9a47c9d937624966c6e09af upstream.

Commit 50749f2dd685 ("tcp/udp: Fix memleaks of sk and zerocopy skbs with
TX timestamp.") added a call to skb_orphan_frags_rx() to fix leaks with
zerocopy skbs. But it ended up adding a leak of its own. When
skb_orphan_frags_rx() fails, the function just returns, leaking the skb
it just cloned. Free it before returning.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Fixes: 50749f2dd685 ("tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp.")
Signed-off-by: Pratyush Yadav <ptyadav@amazon.de>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Willem de Bruijn <willemb@google.com>
Link: https://lore.kernel.org/r/20230522153020.32422-1-ptyadav@amazon.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-05-30 12:44:10 +01:00
..
bpf_sk_storage.c
bpf: Improve bucket_log calculation logic
2020-02-14 16:34:10 -05:00
datagram.c
net: datagram: fix data-races in datagram_poll()
2023-05-30 12:44:02 +01:00
datagram.h
dev_addr_lists.c
net: remove unnecessary variables and callback
2019-10-24 14:53:49 -07:00
dev_ioctl.c
net: fix dev_ifsioc_locked() race condition
2021-03-07 12:20:43 +01:00
dev.c
net: Catch invalid index in XPS mapping
2023-05-30 12:44:03 +01:00
devlink.c
devlink: Fix use-after-free after a failed reload
2022-08-25 11:18:23 +02:00
drop_monitor.c
drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit
2022-02-23 11:59:58 +01:00
dst_cache.c
dst.c
net: print proper warning on dst underflow
2019-09-26 09:05:56 +02:00
ethtool.c
net/ethtool/ioctl: return -EOPNOTSUPP if we have no phy stats
2023-01-24 07:17:58 +01:00
failover.c
fib_notifier.c
net: fib_notifier: move fib_notifier_ops from struct net into per-net struct
2019-09-07 17:28:22 +02:00
fib_rules.c
ipv6: fix memory leak in fib6_rule_suppress
2021-12-08 09:01:13 +01:00
filter.c
bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
2023-03-03 11:41:48 +01:00
flow_dissector.c
net/sched: flower: fix parsing of ethertype following VLAN header
2022-04-20 09:19:34 +02:00
flow_offload.c
net: core: rename indirect block ingress cb function
2019-12-18 16:08:47 +01:00
gen_estimator.c
net_sched: gen_estimator: support large ewma log
2021-02-07 15:35:47 +01:00
gen_stats.c
gro_cells.c
hwbm.c
link_watch.c
net: linkwatch: fix failure to restore device state across suspend/resume
2021-08-18 08:57:00 +02:00
lwt_bpf.c
bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook
2022-05-09 09:03:24 +02:00
lwtunnel.c
lwtunnel: Validate RTA_ENCAP_TYPE attribute length
2022-01-11 15:23:32 +01:00
Makefile
neighbour.c
neigh: make sure used and confirmed times are valid
2023-03-03 11:41:48 +01:00
net_namespace.c
net: fix UaF in netns ops registration error path
2023-02-06 07:52:45 +01:00
net-procfs.c
net-procfs: show net devices bound packet types
2022-02-01 17:24:37 +01:00
net-sysfs.c
net-sysfs: add check for netdevice being present to speed_show
2022-03-16 13:21:46 +01:00
net-sysfs.h
net-traces.c
netclassid_cgroup.c
cgroup, netclassid: remove double cond_resched
2020-05-10 10:31:32 +02:00
netevent.c
netpoll.c
net: don't let netpoll invoke NAPI if in xmit context
2023-04-20 12:07:33 +02:00
netprio_cgroup.c
netprio_cgroup: Fix unlimited memory leak of v2 cgroups
2020-05-20 08:20:12 +02:00
page_pool.c
mm: fix struct page layout on 32-bit systems
2021-05-19 10:08:31 +02:00
pktgen.c
pktgen: fix misuse of BUG_ON() in pktgen_thread_worker()
2021-03-07 12:20:44 +01:00
ptp_classifier.c
request_sock.c
tcp: add rcu protection around tp->fastopen_rsk
2019-10-13 10:13:08 -07:00
rtnetlink.c
net_sched: add __rcu annotation to netdev->qdisc
2023-04-05 11:16:46 +02:00
scm.c
secure_seq.c
tcp: Fix data-races around sysctl knobs related to SYN option.
2022-07-29 17:14:14 +02:00
skbuff.c
net: fix skb leak in __skb_tstamp_tx()
2023-05-30 12:44:10 +01:00
skmsg.c
bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full
2022-04-15 14:18:16 +02:00
sock_diag.c
sock: make cookie generation global instead of per netns
2019-08-09 13:14:46 -07:00
sock_map.c
bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
2023-05-17 11:35:43 +02:00
sock_reuseport.c
udp: Prevent reuseport_select_sock from reading uninitialized socks
2021-01-23 15:57:56 +01:00
sock.c
net: add sock_init_data_uid()
2023-03-11 16:43:40 +01:00
stream.c
net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues().
2023-03-03 11:41:48 +01:00
sysctl_net_core.c
net: Fix data-races around weight_p and dev_weight_[rt]x_bias.
2022-09-05 10:27:41 +02:00
timestamping.c
tso.c
net: Use skb accessors in network core
2019-07-22 20:47:56 -07:00
utils.c
net: Fix skb->csum update in inet_proto_csum_replace16().
2020-02-05 21:22:52 +00:00
xdp.c
xdp: obtain the mem_id mutex before trying to remove an entry.
2019-12-18 16:09:10 +01:00