af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (!341) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Guillaume Nault requested to merge gnault/centos-stream-9:bz2037783 into main Jan 11, 2022

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2037783 Upstream Status: linux.git CVE: CVE-2021-4203

Protect the .sk_peer_pid and .sk_peer_cred fields of struct sock with a spinlock, to avoid race conditions in SO_PEERCRED and SO_PEERGROUPS getsockopts.

Patch 1 is the real fix, patch 2 is just a trivial followup.

Signed-off-by: Guillaume Nault gnault@redhat.com

Admin message

af_unix: fix races in sk_peer_pid and sk_peer_cred accesses

Merge request reports