Headline
CVE-2021-44733: git/torvalds/linux.git - Linux kernel source tree
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
Age
Commit message (Expand)
Author
Files
Lines
2021-10-25
dma-buf: move dma-buf symbols into the DMA_BUF module namespace
Greg Kroah-Hartman
1
-0/+3
2021-07-21
tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flag
Sumit Garg
1
-2/+2
2021-07-21
tee: add tee_shm_alloc_kernel_buf()
Jens Wiklander
1
-0/+18
2020-08-25
tee: convert get_user_pages() --> pin_user_pages()
John Hubbard
1
-13/+19
2020-05-25
Merge tag ‘tee-smatch-for-5.8’ of git://git.linaro.org/people/jens.wiklander/…
Arnd Bergmann
1
-2/+1
2020-04-20
tee: enable support to register kernel memory
Sumit Garg
1
-3/+25
2020-04-20
tee: remove unnecessary NULL check in tee_shm_alloc()
Dan Carpenter
1
-2/+1
2020-02-28
tee: tee_shm_op_mmap(): use TEE_SHM_USER_MAPPED
Jens Wiklander
1
-1/+1
2020-02-28
tee: remove redundant teedev in struct tee_shm
Jens Wiklander
1
-5/+2
2020-02-28
tee: don’t assign shm id for private shms
Jens Wiklander
1
-13/+18
2020-02-28
tee: remove unused tee_shm_priv_alloc()
Jens Wiklander
1
-31/+2
2020-02-28
tee: remove linked list of struct tee_shm
Jens Wiklander
1
-11/+1
2019-11-25
drm/tee_shm: Drop dma_buf_k(unmap) support
Daniel Vetter
1
-6/+0
2019-09-25
tee/shm: untag user pointers in tee_shm_register
Andrey Konovalov
1
-0/+1
2019-06-05
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 282
Thomas Gleixner
1
-10/+1
2019-05-14
mm/gup: change GUP fast to use flags rather than a write ‘bool’
Ira Weiny
1
-1/+1
2018-06-22
Merge tag ‘drm-misc-next-2018-06-21’ of git://anongit.freedesktop.org/drm/drm…
Dave Airlie
1
-6/+0
2018-06-20
dma-buf: remove kmap_atomic interface
Christian König
1
-6/+0
2018-05-07
tee: shm: fix use-after-free via temporarily dropped reference
Jann Horn
1
-2/+3
2018-01-09
tee: shm: Potential NULL dereference calling tee_shm_register()
Dan Carpenter
1
-1/+1
2017-12-28
tee: shm: don’t put_page on null shm->pages
Colin Ian King
1
-3/+5
2017-12-28
tee: shm: make function __tee_shm_alloc static
Colin Ian King
1
-3/+3
2017-12-28
tee: add start argument to shm_register callback
Jens Wiklander
1
-1/+1
2017-12-15
tee: shm: inline tee_shm_get_id()
Volodymyr Babchuk
1
-11/+0
2017-12-15
tee: use reference counting for tee_context
Volodymyr Babchuk
1
-0/+7
2017-12-15
tee: add register user memory
Jens Wiklander
1
-26/+180
2017-12-15
tee: flexible shared memory pool creation
Jens Wiklander
1
-4/+4
2017-08-04
tee: tee_shm: Constify dma_buf_ops structures.
Arvind Yadav
1
-1/+1
2017-05-10
Merge tag ‘armsoc-tee’ of git://git.kernel.org/pub/scm/linux/kernel/git/arm/a…
Linus Torvalds
1
-0/+358
2017-03-09
tee: generic TEE subsystem
Jens Wiklander
1
-0/+358