Re: [PATCH v2] Drop reference added by grab_header

Zhou Chengming writes: > Fixes CVE-2016-9191, proc_sys_readdir doesn't drop reference > added by grab_header when return from !dir_emit_dots path. > It can cause any path called unregister_sysctl_table will > wait forever. Applied. Thank you. I fixed up the subject line to be more specific: "s

[PATCH v2] Drop reference added by grab_header

Fixes CVE-2016-9191, proc_sys_readdir doesn't drop reference added by grab_header when return from !dir_emit_dots path. It can cause any path called unregister_sysctl_table will wait forever. The calltrace of CVE-2016-9191: [ 5535.960522] Call Trace: [ 5535.963265] [] schedule+0x3f/0xa0 [ 5535.9