linux-stable.git - Linux kernel stable tree

diff options

author	Takashi Iwai <tiwai@suse.de>	2020-08-04 20:58:15 +0200
committer	Takashi Iwai <tiwai@suse.de>	2020-08-05 08:27:39 +0200
commit	80982c7e834e5d4e325b6ce33757012ecafdf0bb (patch)
tree	ba9fb7af0995bfefbef4c4ad7cb23a3ad0a45546 /sound/pci
parent	cd72c317a0a11f64225b9a3f1fe503bb8c7327b5 (diff)
download	linux-stable-80982c7e834e5d4e325b6ce33757012ecafdf0bb.tar.gz linux-stable-80982c7e834e5d4e325b6ce33757012ecafdf0bb.tar.bz2 linux-stable-80982c7e834e5d4e325b6ce33757012ecafdf0bb.zip

ALSA: seq: oss: Serialize ioctls

Some ioctls via OSS sequencer API may race and lead to UAF when the port create and delete are performed concurrently, as spotted by a couple of syzkaller cases. This patch is an attempt to address it by serializing the ioctls with the existing register_mutex. Basically OSS sequencer API is an obsoleted interface and was designed without much consideration of the concurrency. There are very few applications with it, and the concurrent performance isn't asked, hence this "big hammer" approach should be good enough. Reported-by: syzbot+1a54a94bd32716796edd@syzkaller.appspotmail.com Reported-by: syzbot+9d2abfef257f3e2d4713@syzkaller.appspotmail.com Suggested-by: Hillf Danton <hdanton@sina.com> Cc: <stable@vger.kernel.org> Link: https://lore.kernel.org/r/20200804185815.2453-1-tiwai@suse.de Signed-off-by: Takashi Iwai <tiwai@suse.de>

Diffstat (limited to 'sound/pci')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: