From: Cong Wang <[email protected]>
Date: Mon, 22 Jul 2019 20:41:22 -0700
> sock_efree() releases the sock refcnt, if we don't hold this refcnt
> when setting skb->destructor to it, the refcnt would not be balanced.
> This leads to several bug reports from syzbot.
>
> I have checked other users of sock_efree(), all of them hold the
> sock refcnt.
>
> Fixes: c8c8218ec5af ("netrom: fix a memory leak in nr_rx_frame()")
> Reported-and-tested-by:
> <[email protected]>
> Reported-and-tested-by:
> <[email protected]>
> Reported-and-tested-by:
> <[email protected]>
> Reported-and-tested-by:
> <[email protected]>
> Cc: Ralf Baechle <[email protected]>
> Signed-off-by: Cong Wang <[email protected]>
Applied and queued up for -stable.
