On Sep 4, 2025 Eric Dumazet <eduma...@google.com> wrote:
>
> syzbot found a bug in audit_buffer_alloc() if nlmsg_new() returns NULL.
>
> We need to initialize ab->skb_list before calling audit_buffer_free()
> which will use both the skb_list spinlock and list pointers.
>
> Fixes: eb59d494eebd ("audit: add record for multiple task security contexts")
> Reported-by: syzbot+bb185b018a51f8d91...@syzkaller.appspotmail.com
> Closes:
> https://lore.kernel.org/lkml/68b93e3c.a00a0220.eb3d.0000....@google.com/T/#u
> Signed-off-by: Eric Dumazet <eduma...@google.com>
> Cc: Casey Schaufler <ca...@schaufler-ca.com>
> Cc: Paul Moore <p...@paul-moore.com>
> Cc: Eric Paris <epa...@redhat.com>
> Cc: audit@vger.kernel.org
> ---
> kernel/audit.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Thanks Eric, merged into audit/dev.
--
paul-moore.com
