[X][B][CVE-2019-19062][SRU][PATCH 1/1] crypto: user - fix memory leak in crypto_report

Po-Hsu Lin po-hsu.lin at canonical.com
Fri Dec 6 10:08:30 UTC 2019

From: Navid Emamdoost <navid.emamdoost at gmail.com>


In crypto_report, a new skb is created via nlmsg_new(). This skb should
be released if crypto_report_alg() fails.

Fixes: a38f7907b926 ("crypto: Add userspace configuration API")
Cc: <stable at vger.kernel.org>
Signed-off-by: Navid Emamdoost <navid.emamdoost at gmail.com>
Signed-off-by: Herbert Xu <herbert at gondor.apana.org.au>
(backported from commit ffdde5932042600c6807d46c1550b28b0db6a3bc)
[PHLin: crypto_user.c not renamed yet, backported with the same logic]
Signed-off-by: Po-Hsu Lin <po-hsu.lin at canonical.com>
 crypto/crypto_user.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
index 2b8fb8f..c0ad1a1 100644
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@ -288,8 +288,10 @@ static int crypto_report(struct sk_buff *in_skb, struct nlmsghdr *in_nlh,
-	if (err)
+	if (err) {
+		kfree_skb(skb);
 		return err;
+	}
 	return nlmsg_unicast(crypto_nlsk, skb, NETLINK_CB(in_skb).portid);

More information about the kernel-team mailing list