ACK: [SRU][F][PATCH 0/2] CVE-2021-47070
Portia Stephens
portia.stephens at canonical.com
Tue Apr 2 05:40:46 UTC 2024
On Mon, Apr 01, 2024 at 06:12:06PM -0500, Bethany Jamison wrote:
> [Impact]
>
> In the Linux kernel, the following vulnerability has been resolved:
>
> uio_hv_generic: Fix another memory leak in error handling paths
>
> Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probe
> function is never freed in the error handling path.
>
> Add the missing 'vmbus_free_ring()' call.
>
> Note that it is already freed in the .remove function.
>
> [Fix]
>
> Mantic: not-affected
> Jammy: not-affected
> Focal: Fix and prereq commits were cleanly cherry-picked.
> Bionic: not-affected
> Xenial: not-affected
> Trusty: not-affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This fix affects those who use the hyper-v UIO driver, issues with the
> fix would be visible with loss of memory resources including slower
> performance and potentially a future system crash.
>
> Alexandru Ardelean (1):
> uio: uio_hv_generic: use devm_kzalloc() for private data alloc
>
> Christophe JAILLET (1):
> uio_hv_generic: Fix another memory leak in error handling paths
>
> drivers/uio/uio_hv_generic.c | 12 +++++-------
> 1 file changed, 5 insertions(+), 7 deletions(-)
Acked-by: Portia Stephens <portia.stephens at canonical.com>
More information about the kernel-team
mailing list