[PATCH 0/2] [bionic, eoan] CVE-2019-19768
Benjamin M Romer
benjamin.romer at canonical.com
Tue Mar 31 12:44:39 UTC 2020
In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the
__blk_add_trace function in kernel/trace/blktrace.c (which is used to fill
out a blk_io_trace structure and place it in a per-cpu sub-buffer).
Cengiz Can (1):
blktrace: fix dereference after null check
Jan Kara (1):
blktrace: Protect q->blk_trace with RCU
include/linux/blkdev.h | 2 +-
include/linux/blktrace_api.h | 18 ++++--
kernel/trace/blktrace.c | 117 +++++++++++++++++++++++++----------
3 files changed, 100 insertions(+), 37 deletions(-)
--
2.20.1
More information about the kernel-team
mailing list