vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

commit 6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f upstream. During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL. Cc: stable <stable@kernel.org> Fixes: 06a8fc78367d ("VSOCK: Introduce virtio_vsock_common.ko") Signed-off-by: Hyunwoo Kim <v4bel@theori.io> Signed-off-by: Wongi Lee <qwerty@theori.io> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Message-Id: <2024102245-strive-crib-c8d3@gregkh> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Hyunwoo Kim <v4bel@theori.io> 2024-10-22 09:32:56 +0200
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2024-11-14 13:21:16 +0100
commit: 5f970935d09934222fdef3d0e20c648ea7a963c1 (patch)
tree: 92ab50278b2a92b8bd718e7cb4df8a38580b5188
parent: e0fe3392371293175f25028020ded5267f4cd8e3 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c
index 645222ac84e3..01b6b1ed5acf 100644
--- a/net/vmw_vsock/virtio_transport_common.c
+++ b/net/vmw_vsock/virtio_transport_common.c
@@ -1087,6 +1087,7 @@ void virtio_transport_destruct(struct vsock_sock *vsk)
 	struct virtio_vsock_sock *vvs = vsk->trans;
 
 	kfree(vvs);
+	vsk->trans = NULL;
 }
 EXPORT_SYMBOL_GPL(virtio_transport_destruct);
author	Hyunwoo Kim <v4bel@theori.io>	2024-10-22 09:32:56 +0200
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-11-14 13:21:16 +0100
commit	5f970935d09934222fdef3d0e20c648ea7a963c1 (patch)
tree	92ab50278b2a92b8bd718e7cb4df8a38580b5188
parent	e0fe3392371293175f25028020ded5267f4cd8e3 (diff)