Google Git
Sign in
android / kernel / common.git / refs/tags/ASB-2020-02-05_4.9-o-release
tag21d7b3fa720741b8e5a33a358e01127bdfc108df
taggerTodd Kjos <tkjos@google.com>Mon Feb 03 16:17:45 2020 -0800
objecta12d1ce91b8cccb239991af90daf46311b7ba975 
https://source.android.com/security/bulletin/2020-02-01
CVE-2020-0030
CVE-2019-11599
commita12d1ce91b8cccb239991af90daf46311b7ba975[log] [tgz]
authorMartijn Coenen <maco@android.com>Fri Feb 16 09:47:15 2018 +0100
committerTodd Kjos <tkjos@google.com>Wed Jan 29 15:04:05 2020 -0800
tree762f89b7675a42da8a6e793cf6934ac69a236652
parenta493de2ff342b94623e9241ba0b7926be9c09693 [diff]
ANDROID: binder: synchronize_rcu() when using POLLFREE.

commit 5eeb2ca02a2f6084fc57ae5c244a38baab07033a upstream.

To prevent races with ep_remove_waitqueue() removing the
waitqueue at the same time.

Change-Id: I6c7528260aaca7d1015eefad1802c6104aa371e3
Reported-by: syzbot+a2a3c4909716e271487e@syzkaller.appspotmail.com
Signed-off-by: Martijn Coenen <maco@android.com>
Cc: stable <stable@vger.kernel.org> # 4.14+
Signed-off-by: Mattias Nissler <mnissler@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: 762f89b7675a42da8a6e793cf6934ac69a236652
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. build.config.cuttlefish.x86_64
  29. build.config.goldfish.arm
  30. build.config.goldfish.arm64
  31. build.config.goldfish.mips
  32. build.config.goldfish.mips64
  33. build.config.goldfish.x86
  34. build.config.goldfish.x86_64
  35. COPYING
  36. CREDITS
  37. Kbuild
  38. Kconfig
  39. MAINTAINERS
  40. Makefile
  41. README
  42. REPORTING-BUGS