ATM: CVE-2008-5079: duplicate listen() on socket corrupts the vcc table (17b24b3c) · Commits · e / devices / android_kernel_oneplus_sm7250

net/atm/svc.c

+5 −1

Original line number	Diff line number	Diff line
		@@ -293,7 +293,10 @@ static int svc_listen(struct socket *sock,int backlog)
		error = -EINVAL;
		goto out;
		}
		vcc_insert_socket(sk);
		if (test_bit(ATM_VF_LISTEN, &vcc->flags)) {
		error = -EADDRINUSE;
		goto out;
		}
		set_bit(ATM_VF_WAITING, &vcc->flags);
		prepare_to_wait(sk->sk_sleep, &wait, TASK_UNINTERRUPTIBLE);
		sigd_enq(vcc,as_listen,NULL,NULL,&vcc->local);
		@@ -307,6 +310,7 @@ static int svc_listen(struct socket *sock,int backlog)
		goto out;
		}
		set_bit(ATM_VF_LISTEN,&vcc->flags);
		vcc_insert_socket(sk);
		sk->sk_max_ack_backlog = backlog > 0 ? backlog : ATM_BACKLOG_DEFAULT;
		error = -sk->sk_err;
		out: