Re: [PATCH v2] relay: handle alloc_percpu returning NULL in relay_open
From: Daniel Axtens
Date: Sun May 24 2020 - 21:58:18 EST
>> > Check if alloc_percpu returns NULL.
>> > This was found by syzkaller both on x86 and powerpc, and the reproducer
>> > it found on powerpc is capable of hitting the issue as an unprivileged
>> > user.
>> > Fixes: 017c59c042d0 ("relay: Use per CPU constructs for the relay channel buffer pointers")
>> > Reported-by: syzbot+1e925b4b836afe85a1c6@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> > Reported-by: syzbot+587b2421926808309d21@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> > Reported-by: syzbot+58320b7171734bf79d26@xxxxxxxxxxxxxxxxxxxxxxxxx
>> > Reported-by: syzbot+d6074fb08bdb2e010520@xxxxxxxxxxxxxxxxxxxxxxxxx
>> > Cc: Akash Goel <akash.goel@xxxxxxxxx>
>> > Cc: Andrew Donnellan <ajd@xxxxxxxxxxxxx> # syzkaller-ppc64
>> > Reviewed-by: Michael Ellerman <mpe@xxxxxxxxxxxxxx>
>> > Reviewed-by: Andrew Donnellan <ajd@xxxxxxxxxxxxx>
>> > Cc: stable@xxxxxxxxxxxxxxx # v4.10+
>> > Signed-off-by: Daniel Axtens <dja@xxxxxxxxxx>
>> Acked-by: David Rientjes <rientjes@xxxxxxxxxx>
> It looks this one was never applied (which relates to CVE-2019-19462,
> as pointed by Guenter in 20191223163610.GA32267@xxxxxxxxxxxx).
> Whas this lost or are there any issues pending?
I'm not aware of any pending issues.
(But, if anyone does have any objections I'm happy to revise the patch.)