Описание
In the Linux kernel, the following vulnerability has been resolved:
fscrypt: fix keyring memory leak on mount failure
Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key") moved the keyring destruction from __put_super() to generic_shutdown_super() so that the filesystem's block device(s) are still available. Unfortunately, this causes a memory leak in the case where a mount is attempted with the test_dummy_encryption mount option, but the mount fails after the option has already been processed.
To fix this, attempt the keyring destruction in both places.
In the Linux kernel, the following vulnerability has been resolved:
fscrypt: fix keyring memory leak on mount failure
Commit d7e7b9af104c ("fscrypt: stop using keyrings subsystem for fscrypt_master_key") moved the keyring destruction from __put_super() to generic_shutdown_super() so that the filesystem's block device(s) are still available. Unfortunately, this causes a memory leak in the case where a mount is attempted with the test_dummy_encryption mount option, but the mount fails after the option has already been processed.
To fix this, attempt the keyring destruction in both places.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-49897
- https://git.kernel.org/stable/c/0b1747653b102c555bac745ebe5ca86cdd20e43f
- https://git.kernel.org/stable/c/29997a6fa60de1de2fa0de471e7652efa6e95868
- https://git.kernel.org/stable/c/ccd30a476f8e864732de220bd50e6f372f5ebcab
- https://git.kernel.org/stable/c/cff805b1518f38d57866065343db2285f2dcd5ab
CVE ID
Связанные уязвимости
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
[REJECTED CVE] In the Linux kernel, the following vulnerability has been resolved: fscrypt: fix keyring memory leak on mount failure
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.