msm: adsprpc: use-after-free (UAF) in global maps (4056f87e) · Commits · CodeLinaro / la / kernel / msm-5.4 · GitLab

Commit 4056f87e authored May 27, 2024 by Santosh Sakore Committed by Harshitha G R Jun 04, 2024

msm: adsprpc: use-after-free (UAF) in global maps



Currently, remote heap maps get added to the global list before the
fastrpc_internal_mmap function completes the mapping. Meanwhile, the
fastrpc_internal_munmap function accesses the map, starts unmapping, and
frees the map before the fastrpc_internal_mmap function completes,
resulting in a use-after-free (UAF) issue. Add the map to the list after
the fastrpc_internal_mmap function completes the mapping.

Change-Id: Ia524f142edba57a1f389dd0e5c83a1967c7f5a59
Acked-by: Abhishek Singh <[email protected]>
Signed-off-by: Santosh Sakore <[email protected]>
(cherry picked from commit 64e5b566)

parent dba8b15d

Hide whitespace changes

Inline Side-by-side

Manifest Service @manifest_service
mentioned in commit 9f1171f1
· Aug 12, 2024

mentioned in commit 9f1171f1

mentioned in commit 9f1171f1e8c580f853107c0b7b18d03d3507877c

Toggle commit list
lnx build @lnxbuild
mentioned in commit 06f6aedc
· Sep 24, 2024

mentioned in commit 06f6aedc

mentioned in commit 06f6aedc14aef9b6804e6c0920e10ffb8b2ea4ff

Toggle commit list

Please register or to comment