← Back to team overview

kernel-packages team mailing list archive

[Bug 1584828] Re: s390/pci: fix use after free in dma_init


** Also affects: linux
   Importance: Undecided
       Status: New

** No longer affects: linux

** Also affects: ubuntu-z-systems
   Importance: Undecided
       Status: New

** Changed in: ubuntu-z-systems
       Status: New => Triaged

** Changed in: ubuntu-z-systems
   Importance: Undecided => High

** Changed in: ubuntu-z-systems
     Assignee: (unassigned) => Andy Whitcroft (apw)

You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.

  s390/pci: fix use after free in dma_init

Status in Ubuntu on IBM z Systems:
Status in linux package in Ubuntu:

Bug description:
  == Comment: #0 - Hendrik Brueckner <brueckner@xxxxxxxxxx> - 2016-05-23 09:09:00 ==
  Please backport upstream Linux commit ID:

  commit dba599091c191d209b1499511a524ad9657c0e5a
  Author: Sebastian Ott <sebott@xxxxxxxxxxxxxxxxxx>
  Date:   Fri Apr 15 09:41:35 2016 +0200

      s390/pci: fix use after free in dma_init
      After a failure during registration of the dma_table (because of the
      function being in error state) we free its memory but don't reset the
      associated pointer to zero.
      When we then receive a notification from firmware (about the function
      being in error state) we'll try to walk and free the dma_table again.
      Fix this by resetting the dma_table pointer. In addition to that make
      sure that we free the iommu_bitmap when appropriate.
      Signed-off-by: Sebastian Ott <sebott@xxxxxxxxxxxxxxxxxx>
      Reviewed-by: Gerald Schaefer <gerald.schaefer@xxxxxxxxxx>
      Signed-off-by: Martin Schwidefsky <schwidefsky@xxxxxxxxxx>

To manage notifications about this bug go to: