Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp3059287rdh; Thu, 28 Sep 2023 00:55:30 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGhCO46Q3pfj5O1OMW2ZbZ8fVNNYB2ubH6ZYUw62ay0ljz57+MnZcm8dCw2WaTUtKTfpEnU X-Received: by 2002:a05:6102:443:b0:452:c3a4:1f8c with SMTP id e3-20020a056102044300b00452c3a41f8cmr342384vsq.2.1695887729736; Thu, 28 Sep 2023 00:55:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695887729; cv=none; d=google.com; s=arc-20160816; b=TEYCL4HD4svUDDy9udNyUbYJ0jFs9ChqA/+bcrfUXt8k5rmH3DbdDwgYPt1BeYULhL v2cYTx8PuY0AXCFA82S2rdFio/2VAo20WX8n7lGJpGHEDNU7P+9FZ1b/yO9CYRhKead3 TzkyJYTSD9C+/KW/UDR+Io6ZJ20PA/JOvoYFXCM2M4Ta04PjhjgZIdIoWuBTvuooy0Rf i0dOord22Ac9MYCijnRQaFmTzbOVgGY9sjWZbOKqssG6FCbZdjLS/5tel8I3NHvR3U1B 8HQLgS2cDMvhXoDNB9mVR+I5VsvTbCRt+KIxAj+HO6wM6ZOZDqQ2HGeH65DtTcRyqJrH Pc6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=CzcoiLOh3gJRdpLF8N8c/4lMfuLVMJz9hUSXyhKqmGQ=; fh=GBX4TzZBe3XZMVPchuVS8A9WqxVY4fMdnqLZ1NO9xHc=; b=SwIpZQaNZlIcukRftWFPaKG0WE4pZ3FWfOkIntCG5Qb1hcTHnSkTbvQhrQEELI3fdt A/Bj0LkZ4fjfV6TiZ5V0Dg29a1098CWvLoxo2+dG5k1KXerwpKCtYE8oLAuV4pUllwEt Jruy2QNpfFfIp8OOqnsZ3y6hjwYPIPYHR0SoHBA3PMbwHUIb8W3YxHEYaHPfvQelid4S B4FIFh7MkpVNHLVb7yTnK3xqeGQX6PDMq7CpMkooy3miJwmDCfRdYxgAIbcT5g6MXW9L BZZEW8UxyR69BpjFqrYyxrgFhRNYFn3tC107oGdp/RoGfgI+yHfzalPUqY4d15o9a8hk GH+A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [2620:137:e000::3:3]) by mx.google.com with ESMTPS id j72-20020a638b4b000000b00577f7bc56absi18624688pge.100.2023.09.28.00.55.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Sep 2023 00:55:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) client-ip=2620:137:e000::3:3; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:3 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id E97AC828F202; Thu, 28 Sep 2023 00:38:55 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230325AbjI1Hig (ORCPT + 99 others); Thu, 28 Sep 2023 03:38:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52476 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230384AbjI1Hic (ORCPT ); Thu, 28 Sep 2023 03:38:32 -0400 Received: from metis.whiteo.stw.pengutronix.de (metis.whiteo.stw.pengutronix.de [IPv6:2a0a:edc0:2:b01:1d::104]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7B271B7 for ; Thu, 28 Sep 2023 00:38:27 -0700 (PDT) Received: from drehscheibe.grey.stw.pengutronix.de ([2a0a:edc0:0:c01:1d::a2]) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1qllbM-0007jY-JW; Thu, 28 Sep 2023 09:38:24 +0200 Received: from [2a0a:edc0:2:b01:1d::c0] (helo=ptx.whiteo.stw.pengutronix.de) by drehscheibe.grey.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qllbM-009WiC-2O; Thu, 28 Sep 2023 09:38:24 +0200 Received: from ore by ptx.whiteo.stw.pengutronix.de with local (Exim 4.92) (envelope-from ) id 1qllbL-00BpgX-WC; Thu, 28 Sep 2023 09:38:24 +0200 Date: Thu, 28 Sep 2023 09:38:23 +0200 From: Oleksij Rempel To: Robin van der Gracht , Oliver Hartkopp , Marc Kleine-Budde Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org, linux-can@vger.kernel.org, kernel@pengutronix.de, Sili Luo Subject: Re: [PATCH v1] can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Message-ID: <20230928073823.GA2820185@pengutronix.de> References: <20230927161456.82772-1-o.rempel@pengutronix.de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20230927161456.82772-1-o.rempel@pengutronix.de> X-Sent-From: Pengutronix Hildesheim X-URL: http://www.pengutronix.de/ X-Accept-Language: de,en X-Accept-Content-Type: text/plain User-Agent: Mutt/1.10.1 (2018-07-13) X-SA-Exim-Connect-IP: 2a0a:edc0:0:c01:1d::a2 X-SA-Exim-Mail-From: ore@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false X-PTX-Original-Recipient: linux-kernel@vger.kernel.org X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Thu, 28 Sep 2023 00:38:56 -0700 (PDT) On Wed, Sep 27, 2023 at 06:14:56PM +0200, Oleksij Rempel wrote: > Lock jsk->sk to prevent UAF when setsockopt(..., SO_J1939_FILTER, ...) > modifies jsk->filters while receiving packets. ... > Fixes: 9d71dd0c70099 ("can: add support of SAE J1939 protocol") > Reported-by: Sili Luo > Suggested-by: Sili Luo > Signed-off-by: Oleksij Rempel > Acked-by: Oleksij Rempel > Cc: stable@vger.kernel.org Tested-by: Sili Luo -- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |