]> Gentwo Git Trees - linux/.git/commit
gentwo / linux / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3316a8f) | patch
ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency
authorNamjae Jeon <linkinjeon@kernel.org>
Tue, 18 Nov 2025 00:05:46 +0000 (09:05 +0900)
committerSteve French <stfrench@microsoft.com>
Mon, 1 Dec 2025 03:11:45 +0000 (21:11 -0600)
commitb39a1833cc4a2755b02603eec3a71a85e9dff926
tree2018a961cddf11070732e0dbd5117e89a9c3f271tree | snapshot
parent3316a8fc840d82fad5efcf76ad0ea3f76fdca209commit | diff
ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency

Under high concurrency, A tree-connection object (tcon) is freed on
a disconnect path while another path still holds a reference and later
executes *_put()/write on it.

Reported-by: Qianchang Zhao <pioooooooooip@gmail.com>
Reported-by: Zhitong Liu <liuzhitong1993@gmail.com>
Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
fs/smb/server/mgmt/tree_connect.c diff | blob | blame | history
fs/smb/server/mgmt/tree_connect.h diff | blob | blame | history
fs/smb/server/smb2pdu.c diff | blob | blame | history
Development tree.