qiurui
/
linux-kernelorg-stable
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-kernelorg-stable/drivers
History
Ivan Pravdin 2801079119 Bluetooth: vhci: Prevent use-after-free by removing debugfs files early 
Move the creation of debugfs files into a dedicated function, and ensure
they are explicitly removed during vhci_release(), before associated
data structures are freed.

Previously, debugfs files such as "force_suspend", "force_wakeup", and
others were created under hdev->debugfs but not removed in
vhci_release(). Since vhci_release() frees the backing vhci_data
structure, any access to these files after release would result in
use-after-free errors.

Although hdev->debugfs is later freed in hci_release_dev(), user can
access files after vhci_data is freed but before hdev->debugfs is
released.

Fixes: ab4e4380d4 ("Bluetooth: Add vhci devcoredump support")
Signed-off-by: Ivan Pravdin <ipravdin.official@gmail.com>
Reviewed-by: Paul Menzel <pmenzel@molgen.mpg.de>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
 		2025-08-29 14:47:20 -04:00
..
accel YAUAFFix due to dma_buf_fd() misuse 2025-08-12 12:10:33 -07:00
accessibility
acpi Merge branches 'acpi-ec' and 'acpi-processor' 2025-08-14 13:09:27 +02:00
amba
android Char / Misc / IIO / other driver updates for 6.17-rc1 2025-07-29 09:52:01 -07:00
ata ata: libata-scsi: Fix CDL control 2025-08-14 18:58:12 +09:00
atm atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). 2025-08-22 17:23:15 -07:00
auxdisplay
base regmap: Fixes for v6.17 2025-08-09 08:40:28 +03:00
bcma treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
block ublk: check for unprivileged daemon on each I/O fetch 2025-08-11 07:57:48 -06:00
bluetooth Bluetooth: vhci: Prevent use-after-free by removing debugfs files early 2025-08-29 14:47:20 -04:00
bus soc: driver updates for 6.17 2025-07-29 11:13:27 -07:00
cache
cdrom
cdx
char Some small fixes for the IPMI driver 2025-08-07 07:38:25 +03:00
clk This is the usual collection of primarily clk driver updates. The big part of 2025-07-31 13:36:27 -07:00
clocksource A treewide cleanup of struct cycle_counter const annotations: 2025-07-29 14:02:53 -07:00
comedi Char / Misc / IIO / other driver updates for 6.17-rc1 2025-07-29 09:52:01 -07:00
connector
counter
cpufreq cpufreq: intel_pstate: Support Clearwater Forest OOB mode 2025-08-11 21:49:47 +02:00
cpuidle cpuidle: governors: menu: Avoid using invalid recent intervals data 2025-08-11 21:46:14 +02:00
crypto This update includes the following changes: 2025-07-31 09:45:28 -07:00
cxl Significant patch series in this pull request: 2025-08-03 16:23:09 -07:00
dax
dca
devfreq
dio
dma dmaengine updates for v6.17 2025-08-01 12:35:12 -07:00
dma-buf drm for 6.17-rc1 2025-07-30 19:26:49 -07:00
dpll dpll: zl3073x: ZL3073X_I2C and ZL3073X_SPI should depend on NET 2025-08-04 17:22:55 -07:00
edac - i10nm: 2025-07-29 16:30:38 -07:00
eisa
extcon
firewire firewire: core: reallocate buffer for FCP address handlers when more than 4 are registered 2025-08-03 21:20:15 +09:00
firmware EFI updates for v6.17 2025-08-09 18:10:01 +03:00
fpga
fsi Driver core changes for 6.17-rc1 2025-07-29 12:15:39 -07:00
fwctl
gnss
gpio gpio: mlxbf3: use platform_get_irq_optional() 2025-08-12 15:40:28 +02:00
gpu - Some more xe_migrate_access_memory fixes (Auld) 2025-08-15 09:50:26 +10:00
greybus
hid treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
hsi
hte
hv ARM: 2025-07-30 17:14:01 -07:00
hwmon treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
hwspinlock
hwtracing
i2c treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
i3c i3c: add missing include to internal header 2025-07-31 02:25:17 +02:00
idle intel_idle: Allow loading ACPI tables for any family 2025-08-11 21:43:26 +02:00
iio treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
infiniband RDMA v6.17 merge window second pull request 2025-08-07 07:36:23 +03:00
input treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
interconnect Char / Misc / IIO / other driver updates for 6.17-rc1 2025-07-29 09:52:01 -07:00
iommu pci-v6.17-changes 2025-08-01 13:59:07 -07:00
ipack
irqchip irqchip/mvebu-gicp: Use resource_size() for ioremap() 2025-08-06 17:00:40 +02:00
isdn mISDN: hfcpci: Fix warning when deleting uninitialized timer 2025-08-25 17:15:01 -07:00
leds treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
macintosh
mailbox mailbox/pcc: support mailbox management of the shared buffer 2025-08-07 23:49:56 -05:00
mcb
md block-6.17-20250808 2025-08-09 08:47:28 +03:00
media treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
memory
memstick
message
mfd treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
misc treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
mmc MMC core: 2025-07-29 12:05:38 -07:00
most
mtd * MTD changes: 2025-07-31 13:43:02 -07:00
mux hardening updates for v6.17-rc1 2025-07-28 17:16:12 -07:00
net net: macb: Disable clocks once 2025-08-28 10:12:21 +02:00
nfc
ntb
nubus
nvdimm Summary of significant series in this pull request: 2025-07-31 14:57:54 -07:00
nvme nvmet: exit debugfs after discovery subsystem exits 2025-08-07 06:27:58 -06:00
nvmem Driver core changes for 6.17-rc1 2025-07-29 12:15:39 -07:00
of ARM: 2025-07-30 17:14:01 -07:00
opp
parisc
parport
pci PCI: vmd: Remove MSI-X check on child devices 2025-08-12 13:45:01 -05:00
pcmcia
peci
perf
phy phy-for-6.17 2025-08-01 12:31:50 -07:00
pinctrl treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
platform treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
pmdomain
pnp
power power supply and reset changes for the 6.17 series 2025-07-31 21:39:01 -07:00
powercap platform-drivers-x86 for v6.17-1 2025-07-28 23:21:28 -07:00
pps
ps3
ptp ptp: prevent possible ABBA deadlock in ptp_clock_freerun() 2025-08-12 14:17:35 -07:00
pwm treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
rapidio
ras
regulator regulator: Fix for v6.17 2025-08-09 08:41:53 +03:00
remoteproc remoteproc updates for v6.17 2025-08-01 15:02:25 -07:00
reset This is the usual collection of primarily clk driver updates. The big part of 2025-07-31 13:36:27 -07:00
rpmsg remoteproc updates for v6.17 2025-08-01 15:02:25 -07:00
rtc RTC for 6.17 2025-08-03 20:17:34 -07:00
s390 more s390 updates for 6.17 merge window 2025-08-08 06:56:55 +03:00
sbus
scsi Merge branch '6.17/scsi-queue' into 6.17/scsi-fixes 2025-08-12 21:36:18 -04:00
sh
siox
slimbus
soc soc/tegra: pmc: Ensure power-domains are in a known state 2025-08-11 12:24:43 +02:00
soundwire soundwire updates for 6.17 2025-08-01 11:09:27 -07:00
spi spi: Fixes for v6.17 2025-08-09 08:43:24 +03:00
spmi
ssb treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
staging treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
target SCSI misc on 20250806 2025-08-06 15:44:25 +03:00
tc
tee
thermal Driver core changes for 6.17-rc1 2025-07-29 12:15:39 -07:00
thunderbolt
tty module: Rename EXPORT_SYMBOL_GPL_FOR_MODULES to EXPORT_SYMBOL_FOR_MODULES 2025-08-11 16:16:36 +02:00
ufs Merge branch '6.17/scsi-queue' into 6.17/scsi-fixes 2025-08-12 21:36:18 -04:00
uio
usb treewide: rename GPIO set callbacks back to their original names 2025-08-07 10:07:06 +02:00
vdpa vdpa: Fix IDR memory leak in VDUSE module exit 2025-08-01 09:11:08 -04:00
vfio VFIO updates for v6.17-rc1 v2 2025-08-07 07:32:50 +03:00
vhost vhost: initialize vq->nheads properly 2025-08-05 05:57:40 -04:00
video gpio updates for v6.17-rc1 2025-08-09 08:15:43 +03:00
virt virt: sev-guest: Satisfy linear mapping requirement in get_derived_key() 2025-08-15 17:05:39 +02:00
virtio virtio, vhost: features, fixes 2025-08-01 14:17:48 -07:00
w1
watchdog watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition 2025-07-28 12:07:08 +02:00
xen
zorro
Kconfig drm for 6.17-rc1 2025-07-30 19:26:49 -07:00
Makefile