APPLIED/CMT[B]: [BIONIC][CVE-2019-19054][PATCH] media: rc: prevent memory leak in cx23888_ir_probe
Ian May
ian.may at canonical.com
Tue Aug 25 22:07:29 UTC 2020
This patch was applied in the following patchset:
Bionic update: upstream stable patchset 2020-08-11
https://bugs.launchpad.net/bugs/1891228
Thanks!
Ian
On 2020-08-12 15:33:44 , William Breathitt Gray wrote:
> From: Navid Emamdoost <navid.emamdoost at gmail.com>
>
> In cx23888_ir_probe if kfifo_alloc fails the allocated memory for state
> should be released.
>
> Signed-off-by: Navid Emamdoost <navid.emamdoost at gmail.com>
> Signed-off-by: Sean Young <sean at mess.org>
> Signed-off-by: Mauro Carvalho Chehab <mchehab+samsung at kernel.org>
>
> CVE-2019-19054
>
> (cherry picked from a7b2df76b42bdd026e3106cf2ba97db41345a177)
> Signed-off-by: William Breathitt Gray <william.gray at canonical.com>
> ---
> drivers/media/pci/cx23885/cx23888-ir.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/media/pci/cx23885/cx23888-ir.c b/drivers/media/pci/cx23885/cx23888-ir.c
> index 040323b0f945..f63a7e6f272c 100644
> --- a/drivers/media/pci/cx23885/cx23888-ir.c
> +++ b/drivers/media/pci/cx23885/cx23888-ir.c
> @@ -1178,8 +1178,11 @@ int cx23888_ir_probe(struct cx23885_dev *dev)
> return -ENOMEM;
>
> spin_lock_init(&state->rx_kfifo_lock);
> - if (kfifo_alloc(&state->rx_kfifo, CX23888_IR_RX_KFIFO_SIZE, GFP_KERNEL))
> + if (kfifo_alloc(&state->rx_kfifo, CX23888_IR_RX_KFIFO_SIZE,
> + GFP_KERNEL)) {
> + kfree(state);
> return -ENOMEM;
> + }
>
> state->dev = dev;
> sd = &state->sd;
> --
> 2.25.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list