vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans

commit 6ca575374dd9a507cdd16dfa0e78c2e9e20bd05f upstream. During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL. Cc: stable <stable@kernel.org> Fixes: 06a8fc78367d ("VSOCK: Introduce virtio_vsock_common.ko") Signed-off-by: Hyunwoo Kim <v4bel@theori.io> Signed-off-by: Wongi Lee <qwerty@theori.io> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Message-Id: <2024102245-strive-crib-c8d3@gregkh> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Hyunwoo Kim <v4bel@theori.io> 2024-10-22 09:32:56 +0200
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2024-11-14 13:19:41 +0100
commit: b110196fec44fe966952004bd426967c2a8fd358 (patch)
tree: d6ff5c9539440e78914954129e086c78cc0aecdd
parent: 4bdc5a62c6e50600d8a1c3e18fd6dce0c27c9497 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/net/vmw_vsock/virtio_transport_common.c b/net/vmw_vsock/virtio_transport_common.c
index 78b5f4f8808b..2a44505f4a22 100644
--- a/net/vmw_vsock/virtio_transport_common.c
+++ b/net/vmw_vsock/virtio_transport_common.c
@@ -923,6 +923,7 @@ void virtio_transport_destruct(struct vsock_sock *vsk)
 	struct virtio_vsock_sock *vvs = vsk->trans;
 
 	kfree(vvs);
+	vsk->trans = NULL;
 }
 EXPORT_SYMBOL_GPL(virtio_transport_destruct);
author	Hyunwoo Kim <v4bel@theori.io>	2024-10-22 09:32:56 +0200
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-11-14 13:19:41 +0100
commit	b110196fec44fe966952004bd426967c2a8fd358 (patch)
tree	d6ff5c9539440e78914954129e086c78cc0aecdd
parent	4bdc5a62c6e50600d8a1c3e18fd6dce0c27c9497 (diff)