漏洞标题
cfg80211: 修复管理注册的锁定问题
漏洞描述信息
在Linux内核中,已解决以下漏洞:
cfg80211:修复管理注册的锁定
管理注册的锁定已破坏,列表对于每个wdev被锁定,但在不持有所有正确的自旋锁的情况下,cfg80211_mgmt_registrations_update()迭代该列表,导致列表损坏。
与其尝试使用精细粒度锁定来修复它,不如将锁定移动到wiphy/rdev(仍需要每个wdev上的列表),我们已经需要持有wdev的锁定才能更改它,因此无论如何在锁定上都没有竞争。由于我们已经持有一个wdev的锁定,并且现在将持有保护所有列表的锁定,因此这轻松地修复了该bug。
CVSS信息
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
漏洞类别
加锁机制不恰当
漏洞标题
cfg80211: fix management registrations locking
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved:
cfg80211: fix management registrations locking
The management registrations locking was broken, the list was
locked for each wdev, but cfg80211_mgmt_registrations_update()
iterated it without holding all the correct spinlocks, causing
list corruption.
Rather than trying to fix it with fine-grained locking, just
move the lock to the wiphy/rdev (still need the list on each
wdev), we already need to hold the wdev lock to change it, so
there's no contention on the lock in any case. This trivially
fixes the bug since we hold one wdev's lock already, and now
will hold the lock that protects all lists.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Linux kernel 安全漏洞
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于cfg80211_mgmt_registrations_update函数对其进行迭代而没有持有所有正确的自旋锁,从而导致列表损坏。
CVSS信息
N/A
漏洞类别
其他