CVE-2022-48698 – drm/amd/display: fix memory leak when using debugfs_lookup()
https://notcve.org/view.php?id=CVE-2022-48698
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. Fix this up by properly calling dput(). En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/amd/display: soluciona la pérdida de memoria al usar debugfs_lookup() Al llamar a debugfs_lookup(), el resultado debe tener llamado dput(); de lo contrario, la memoria se perderá con el tiempo. Solucione este problema llamando correctamente a dput(). • https://git.kernel.org/stable/c/58acd2ebae034db3bacf38708f508fbd12ae2e54 https://git.kernel.org/stable/c/3a6279d243cb035eaaff1450980b40cf19748f05 https://git.kernel.org/stable/c/cbfac7fa491651c57926c99edeb7495c6c1aeac2 •
CVE-2022-48670 – peci: cpu: Fix use-after-free in adev_release()
https://notcve.org/view.php?id=CVE-2022-48670
In the Linux kernel, the following vulnerability has been resolved: peci: cpu: Fix use-after-free in adev_release() When auxiliary_device_add() returns an error, auxiliary_device_uninit() is called, which causes refcount for device to be decremented and .release callback will be triggered. Because adev_release() re-calls auxiliary_device_uninit(), it will cause use-after-free: [ 1269.455172] WARNING: CPU: 0 PID: 14267 at lib/refcount.c:28 refcount_warn_saturate+0x110/0x15 [ 1269.464007] refcount_t: underflow; use-after-free. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: peci: cpu: corrige use-after-free en adev_release() Cuando auxiliar_device_add() devuelve un error, se llama a auxiliar_device_uninit(), lo que hace que se disminuya el recuento del dispositivo y . Se activará la devolución de llamada de liberación. Debido a que adev_release() vuelve a llamar a auxiliar_device_uninit(), provocará use-after-free: [1269.455172] ADVERTENCIA: CPU: 0 PID: 14267 en lib/refcount.c:28 refcount_warn_saturate+0x110/0x15 [1269.464007] refcount_t: underflow ; use-after-free. • https://git.kernel.org/stable/c/c87f1f99e26ea4ae08cabe753ae98e5626bdba89 https://git.kernel.org/stable/c/1c11289b34ab67ed080bbe0f1855c4938362d9cf • CWE-416: Use After Free •
CVE-2024-27388 – SUNRPC: fix some memleaks in gssx_dec_option_array
https://notcve.org/view.php?id=CVE-2024-27388
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix some memleaks in gssx_dec_option_array The creds and oa->data need to be freed in the error-handling paths after their allocation. So this patch add these deallocations in the corresponding paths. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: SUNRPC: corrige algunas fugas de mem en gssx_dec_option_array Los creds y oa->data deben liberarse en las rutas de manejo de errores después de su asignación. Entonces este parche agrega estas desasignaciones en las rutas correspondientes. • https://git.kernel.org/stable/c/1d658336b05f8697d6445834f8867f8ad5e4f735 https://git.kernel.org/stable/c/b97c37978ca825557d331c9012e0c1ddc0e42364 https://git.kernel.org/stable/c/bfa9d86d39a0fe4685f90c3529aa9bd62a9d97a8 https://git.kernel.org/stable/c/bb336cd8d5ecb69c430ebe3e7bcff68471d93fa8 https://git.kernel.org/stable/c/dd292e884c649f9b1c18af0ec75ca90b390cd044 https://git.kernel.org/stable/c/934212a623cbab851848b6de377eb476718c3e4c https://git.kernel.org/stable/c/5e6013ae2c8d420faea553d363935f65badd32c3 https://git.kernel.org/stable/c/9806c2393cd2ab0a8e7bb9ffae02ce20e •
CVE-2024-27078 – media: v4l2-tpg: fix some memleaks in tpg_alloc
https://notcve.org/view.php?id=CVE-2024-27078
In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpg_alloc In tpg_alloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpg_free is called only when tpg_alloc return 0. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: medio: v4l2-tpg: corrige algunas fugas de memoria en tpg_alloc En tpg_alloc, los recursos deben desasignarse en todas y cada una de las rutas de manejo de errores, ya que se asignan en declaraciones for. De lo contrario, habría memleaks porque se llama a tpg_free solo cuando tpg_alloc devuelve 0. • https://git.kernel.org/stable/c/63881df94d3ecbb0deafa0b77da62ff2f32961c4 https://git.kernel.org/stable/c/0de691ff547d86dd54c24b40a81f9c925df8dd77 https://git.kernel.org/stable/c/8269ab16415f2065cd792c49b0475543936cbd79 https://git.kernel.org/stable/c/94303a06e1852a366e9671fff46d19459f88cb28 https://git.kernel.org/stable/c/770a57922ce36a8476c43f7400b6501c554ea511 https://git.kernel.org/stable/c/6bf5c2fade8ed53b2d26fa9875e5b04f36c7145d https://git.kernel.org/stable/c/4c86c772fef06f5d7a66151bac42366825db0941 https://git.kernel.org/stable/c/31096da07933598da8522c54bd007376f •
CVE-2024-27074 – media: go7007: fix a memleak in go7007_load_encoder
https://notcve.org/view.php?id=CVE-2024-27074
In the Linux kernel, the following vulnerability has been resolved: media: go7007: fix a memleak in go7007_load_encoder In go7007_load_encoder, bounce(i.e. go->boot_fw), is allocated without a deallocation thereafter. After the following call chain: saa7134_go7007_init |-> go7007_boot_encoder |-> go7007_load_encoder |-> kfree(go) go is freed and thus bounce is leaked. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: medios: go7007: corrige una fuga de memoria en go7007_load_encoder En go7007_load_encoder, el rebote (es decir, go->boot_fw) se asigna sin una desasignación posterior. Después de la siguiente cadena de llamadas: saa7134_go7007_init |-> go7007_boot_encoder |-> go7007_load_encoder |-> kfree(go) go se libera y, por lo tanto, se filtra el rebote. • https://git.kernel.org/stable/c/95ef39403f890360a3e48fe550d8e8e5d088ad74 https://git.kernel.org/stable/c/7f11dd3d165b178e738fe73dfeea513e383bedb5 https://git.kernel.org/stable/c/291cda0b805fc0d6e90d201710311630c8667159 https://git.kernel.org/stable/c/b49fe84c6cefcc1c2336d793b53442e716c95073 https://git.kernel.org/stable/c/790fa2c04dfb9f095ec372bf17909424d6e864b3 https://git.kernel.org/stable/c/e04d15c8bb3e111dd69f98894acd92d63e87aac3 https://git.kernel.org/stable/c/f31c1cc37411f5f7bcb266133f9a7e1b4bdf2975 https://git.kernel.org/stable/c/d43988a23c32588ccd0c74219637afb96 •