Описание
In the Linux kernel, the following vulnerability has been resolved:
xen/pcpu: fix possible memory leak in register_pcpu()
In device_add(), dev_set_name() is called to allocate name, if it returns error, the name need be freed. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanup().
In the Linux kernel, the following vulnerability has been resolved:
xen/pcpu: fix possible memory leak in register_pcpu()
In device_add(), dev_set_name() is called to allocate name, if it returns error, the name need be freed. As comment of device_register() says, it should use put_device() to give up the reference in the error path. So fix this by calling put_device(), then the name can be freed in kobject_cleanup().
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-49816
- https://git.kernel.org/stable/c/0199bf0a8f74509736744c9e36f4473a5892a09d
- https://git.kernel.org/stable/c/6209a85079a035b5c2279b15b197531156b549fa
- https://git.kernel.org/stable/c/7ed540bcee2e24479524b9705cc7462b2652f944
- https://git.kernel.org/stable/c/bb9924a6edd9d4a9ef83a5f337af60f8a7a68f98
- https://git.kernel.org/stable/c/c08c13cb13fa3866dd0700db3b246fcd2043ab81
- https://git.kernel.org/stable/c/ccb22c876e8e7f62377e749c971907efe65d34c2
- https://git.kernel.org/stable/c/da36a2a76b01b210ffaa55cdc2c99bc8783697c5
- https://git.kernel.org/stable/c/e948f3c129d78537ded70bcc99c31f0b45f05dd7
CVE ID
Связанные уязвимости
[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: xen/pcpu: fix possible memory leak in register_pcpu()
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.