diff mbox series

[SRU,jammy/linux-azure,1/1] fs/smb/client: Reset password pointer to NULL

Message ID 20240105111958.1905131-2-cascardo@canonical.com
State New
Headers show
Series CVE-2023-5345 | expand

Commit Message

Thadeu Lima de Souza Cascardo Jan. 5, 2024, 11:19 a.m. UTC 
From: Quang Le <quanglex97@gmail.com>

Forget to reset ctx->password to NULL will lead to bug like double free

Cc: stable@vger.kernel.org
Cc: Willy Tarreau <w@1wt.eu>
Reviewed-by: Namjae Jeon <linkinjeon@kernel.org>
Signed-off-by: Quang Le <quanglex97@gmail.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
(cherry picked from commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705)
CVE-2023-5345
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
---
 fs/cifs/fs_context.c | 1 +
 1 file changed, 1 insertion(+)
diff mbox series

Patch

diff --git a/fs/cifs/fs_context.c b/fs/cifs/fs_context.c
index 67e16c2ac90e..f12203c49b80 100644
--- a/fs/cifs/fs_context.c
+++ b/fs/cifs/fs_context.c
@@ -1532,6 +1532,7 @@  static int smb3_fs_context_parse_param(struct fs_context *fc,
 
  cifs_parse_mount_err:
 	kfree_sensitive(ctx->password);
+	ctx->password = NULL;
 	return -EINVAL;
 }