Re:Re: [PATCH 4.19.y 0/9] Fix the UAF issue caused by the loop driver

From: genjian zhang
Date: Wed Mar 06 2024 - 21:36:40 EST



At 2024-03-04 21:31:20, "Greg KH" <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
>On Fri, Mar 01, 2024 at 09:30:19AM +0800, Genjian wrote:
>> From: Genjian Zhang <zhanggenjian@xxxxxxxxxx>
>>
>> Hello!
>>
>> We found that 2035c770bfdb ("loop: Check for overflow while configuring loop") lost a unlock loop_ctl_mutex in loop_get_status(...).
>> which caused syzbot to report a UAF issue. However, the upstream patch does not have this issue.
>> So, we revert this patch and directly apply the unmodified upstream patch.
>>
>> Risk use-after-free as reported by syzbot:
>
>This looks good, but you are backporting commits that are NOT in newer
>stable releases (i.e. from 5.8 but the commit is not in 5.4.y), is that
>intentional?
>
>Does 5.4.y also have this problem? If so, can you send a series that
>fixes that up so I can take both of them at the same time?
>
>thanks,
>
>greg k-h

Thank you for your advice. This problem also exists in 5.4.y.
I will send a series of patches for 5.4.y.

thanks,

Genjian