From 5b7085146310e6fdde964dc3c3680d2e6f642e20 Mon Sep 17 00:00:00 2001
From: Zhang_facai <1653421500@qq.com>
Date: Thu, 26 Dec 2024 10:22:24 +0000
Subject: [PATCH] fix CVE-2024-5031

Signed-off-by: Zhang_facai <1653421500@qq.com>
---
 security/keys/keyring.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/security/keys/keyring.c b/security/keys/keyring.c
index 3474e9b1a46a..18bb2265c7ea 100644
--- a/security/keys/keyring.c
+++ b/security/keys/keyring.c
@@ -901,8 +901,11 @@ static bool search_nested_keyrings(struct key *keyring,
 	for (; slot < ASSOC_ARRAY_FAN_OUT; slot++) {
 		ptr = READ_ONCE(node->slots[slot]);
 
-		if (assoc_array_ptr_is_meta(ptr) && node->back_pointer)
-			goto descend_to_node;
+		if (assoc_array_ptr_is_meta(ptr)) {
+			if (node->back_pointer ||
+			        assoc_array_ptr_is_shortcut(ptr))
+				        goto descend_to_node;
+		}
 
 		if (!keyring_ptr_is_keyring(ptr))
 			continue;
-- 
Gitee