From: Enzo Matsumiya ematsumiya@suse.de
mainline inclusion from mainline-v6.10-rc3 commit 02c418774f76a0a36a6195c9dbf8971eb4130a15 category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IA8AFZ CVE: CVE-2024-39468
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...
--------------------------------
Unlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such deadlock.
Cc: stable@vger.kernel.org Signed-off-by: Enzo Matsumiya ematsumiya@suse.de Reviewed-by: Shyam Prasad N sprasad@microsoft.com Reviewed-by: Paulo Alcantara (Red Hat) pc@manguebit.com Signed-off-by: Steve French stfrench@microsoft.com --- fs/smb/client/smb2transport.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/smb/client/smb2transport.c b/fs/smb/client/smb2transport.c index 8f346aafc4cf..4ca04e62a993 100644 --- a/fs/smb/client/smb2transport.c +++ b/fs/smb/client/smb2transport.c @@ -216,8 +216,8 @@ smb2_find_smb_tcon(struct TCP_Server_Info *server, __u64 ses_id, __u32 tid) } tcon = smb2_find_smb_sess_tcon_unlocked(ses, tid); if (!tcon) { - cifs_put_smb_ses(ses); spin_unlock(&cifs_tcp_ses_lock); + cifs_put_smb_ses(ses); return NULL; } spin_unlock(&cifs_tcp_ses_lock);