net: initialize skb->peeked when cloning · c5e0c93134 - evie/android_kernel_oneplus_msm8998 - Gay Catgirls Forgejo: gay catgirls having sex

evie/android_kernel_oneplus_msm8998

net: initialize skb->peeked when cloning

commit b13dda9f9aa7caceeee61c080c2e544d5f5d85e5 upstream.

syzbot reported __skb_try_recv_from_queue() was using skb->peeked
while it was potentially unitialized.

We need to clear it in __skb_clone()

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

This commit is contained in:

Eric Dumazet

2018-04-07 13:42:39 -07:00

• committed by

Greg Kroah-Hartman

parent 1baf9dbeba

commit c5e0c93134

1 changed files with 1 additions and 0 deletions

									
										1

net/core/skbuff.c
									
										View file
										
				@ -827,6 +827,7 @@ static struct sk_buff *__skb_clone(struct sk_buff *n, struct sk_buff *skb)

					n->hdr_len = skb->nohdr ? skb_headroom(skb) : skb->hdr_len;

					n->cloned = 1;

					n->nohdr = 0;

					n->peeked = 0;

					n->destructor = NULL;

					C(tail);

					C(end);