[Devel] [PATCH RHEL10 COMMIT] ms/unshare: Fix nsproxy leak on set_cred_ucounts() error path

Konstantin Khorenko khorenko at virtuozzo.com
Mon Dec 1 20:07:52 MSK 2025


The commit is pushed to "branch-rh10-6.12.0-55.13.1.2.x.vz10-ovz" and will appear at git at bitbucket.org:openvz/vzkernel.git
after rh10-6.12.0-55.13.1.2.21.vz10
------>
commit 6890c4105b786ae5015914e494b6471e11f3707e
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date:   Mon Nov 24 19:20:39 2025 +0800

    ms/unshare: Fix nsproxy leak on set_cred_ucounts() error path
    
    If unshare_nsproxy_namespaces() successfully creates the new_nsproxy,
    but then set_cred_ucounts() fails, on its error path there is no cleanup
    for new_nsproxy, so it is leaked. Let's fix that by freeing new_nsproxy
    if it's not NULL on this error path.
    
    https://virtuozzo.atlassian.net/browse/VSTOR-118289
    Fixes: 905ae01c4ae2a ("Add a reference to ucounts for each cred")
    Link: https://lore.kernel.org/all/20251118064552.936962-1-ptikhomirov@virtuozzo.com/
    Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
    
    Feature: fix ms/unshare
---
 kernel/fork.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/kernel/fork.c b/kernel/fork.c
index 95c0889a4b63b..f215fd4beec86 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -3334,8 +3334,11 @@ int ksys_unshare(unsigned long unshare_flags)
 
 	if (new_cred) {
 		err = set_cred_ucounts(new_cred);
-		if (err)
+		if (err) {
+			if (new_nsproxy)
+				free_nsproxy(new_nsproxy);
 			goto bad_unshare_cleanup_cred;
+		}
 	}
 
 	if (new_fs || new_fd || do_sysvsem || new_cred || new_nsproxy) {
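Review bot: the new free_nsproxy(new_nsproxy) call sits inline in the set_cred_ucounts() error branch instead of under the bad_unshare_cleanup_cred label that the branch jumps to, so the release of new_nsproxy is tied to this one failure point. Any error exit added later between the nsproxy creation and that label would have to repeat the same two lines or it reintroduces the leak described in the commit message. Consider doing the release at a cleanup label, or add a short comment above "if (new_nsproxy)" saying that new_nsproxy has not been installed on the task yet and is therefore released here. Since the pointer is not set to NULL after the free, it is also worth confirming that nothing reached through bad_unshare_cleanup_cred touches new_nsproxy again.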

