mirror of
https://github.com/LineageOS/android_kernel_fxtec_sm6115.git
synced 2026-04-04 05:46:47 +00:00
33eeccc251
Currently, remote heap maps get added to the global list before the
fastrpc_internal_mmap function completes the mapping. Meanwhile, the
fastrpc_internal_munmap function accesses the map, starts unmapping, and
frees the map before the fastrpc_internal_mmap function completes,
resulting in a use-after-free (UAF) issue. Add the map to the list after
the fastrpc_internal_mmap function completes the mapping.
Change-Id: I73c536718f3228b7cbb7a19b76270e0dd3e32bd1
Acked-by: Abhishek Singh <abhishes@qti.qualcomm.com>
Signed-off-by: Santosh Sakore <quic_ssakore@quicinc.com>
(cherry picked from commit 6f39d9be62)