UPSTREAM: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans
commit 6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f upstream.
During loopback communication, a dangling pointer can be created in
vsk->trans, potentially leading to a Use-After-Free condition. This
issue is resolved by initializing vsk->trans to NULL.
Bug: 378870958
Cc: stable <[email protected]>
Fixes: 06a8fc78367d ("VSOCK: Introduce virtio_vsock_common.ko")
Signed-off-by: Hyunwoo Kim <[email protected]>
Signed-off-by: Wongi Lee <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
Message-Id: <2024102245-strive-crib-c8d3@gregkh>
Signed-off-by: Michael S. Tsirkin <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
(cherry picked from commit b110196fec44fe966952004bd426967c2a8fd358)
Signed-off-by: Lee Jones <[email protected]>
Change-Id: I5eb7b5ccf7f0d96644cc4313548c0114e8836149
diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c
index a5f65c2..0dd9f35 100644
--- a/net/vmw_vsock/virtio_transport_common.c
+++ b/net/vmw_vsock/virtio_transport_common.c
@@ -813,6 +813,7 @@ void virtio_transport_destruct(struct vsock_sock *vsk)
struct virtio_vsock_sock *vvs = vsk->trans;
kfree(vvs);
+ vsk->trans = NULL;
}
EXPORT_SYMBOL_GPL(virtio_transport_destruct);
