[D][E][F][SRU][CVE-2019-19050][PATCH 1/1] crypto: user - fix memory leak in crypto_reportstat
Po-Hsu Lin
po-hsu.lin at canonical.com
Mon Dec 2 04:52:28 UTC 2019
From: Navid Emamdoost <navid.emamdoost at gmail.com>
CVE-2019-19050
In crypto_reportstat, a new skb is created by nlmsg_new(). This skb is
leaked if crypto_reportstat_alg() fails. Required release for skb is
added.
Fixes: cac5818c25d0 ("crypto: user - Implement a generic crypto statistics")
Cc: <stable at vger.kernel.org>
Signed-off-by: Navid Emamdoost <navid.emamdoost at gmail.com>
Signed-off-by: Herbert Xu <herbert at gondor.apana.org.au>
(cherry picked from commit c03b04dcdba1da39903e23cc4d072abf8f68f2dd)
Signed-off-by: Po-Hsu Lin <po-hsu.lin at canonical.com>
---
crypto/crypto_user_stat.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/crypto/crypto_user_stat.c b/crypto/crypto_user_stat.c
index 3e9a53233d80..0c0cb9d19591 100644
--- a/crypto/crypto_user_stat.c
+++ b/crypto/crypto_user_stat.c
@@ -330,8 +330,10 @@ int crypto_reportstat(struct sk_buff *in_skb, struct nlmsghdr *in_nlh,
drop_alg:
crypto_mod_put(alg);
- if (err)
+ if (err) {
+ kfree_skb(skb);
return err;
+ }
return nlmsg_unicast(crypto_nlsk, skb, NETLINK_CB(in_skb).portid);
}
--
2.17.1
More information about the kernel-team
mailing list