[Linux-stable-mirror] Apply "x86/mm: fix use-after-free of vma during userfaultfd fault" to 4.9-stable
Commit cb0631fd3cf9 ("x86/mm: fix use-after-free of vma during userfaultfd fault") went into mainline without Cc: stable. It appears to be a use-after-free reachable by unprivileged users -- at least with CONFIG_USERFAULTFD=y. Can it please be applied to 4.9-stable?
Eric
On Mon, Nov 27, 2017 at 12:03:43AM -0800, Eric Biggers wrote:
Commit cb0631fd3cf9 ("x86/mm: fix use-after-free of vma during userfaultfd fault") went into mainline without Cc: stable. It appears to be a use-after-free reachable by unprivileged users -- at least with CONFIG_USERFAULTFD=y. Can it please be applied to 4.9-stable?
Now queued up, thanks,
greg k-h
On 11/27/2017 09:03 AM, Eric Biggers wrote:
Commit cb0631fd3cf9 ("x86/mm: fix use-after-free of vma during userfaultfd fault") went into mainline without Cc: stable. It appears to be a
It was a mainline 4.14-rcX regression fix so I didn't CC stable. I didn't notice that the commit a3c4fb7c9c2ebfd50b8c60f6c069932bb319bc37 that it Fixes did have CC: stable, so I guess my fix should have CC: stable too. Probably the stable scripts should have picked that anyway, except I also screwed copy/paste on the Fixes tag, omitting the first characted of SHA :( (Fixes: 3c4fb7c9c2e ("x86/mm: ...."))
Thanks for noticing!
use-after-free reachable by unprivileged users -- at least with CONFIG_USERFAULTFD=y. Can it please be applied to 4.9-stable?
Eric
linux-stable-mirror@lists.linaro.org
-
Eric Biggers -
Greg Kroah-Hartman -
Vlastimil Babka