[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Memory leak in Linux HID-elo driver
From: Dongliang Mu <mudongliangabcd () gmail ! com>
Date: 2022-03-13 12:59:49
Message-ID: CAD-N9QVuufAueZc5jeC0agddo3gE05YLjLOT4-q0n2wGJtMf=w () mail ! gmail ! com
[Download RAW message or body]
Hi oss-security,
There is one memory leak in Linux HID driver, introduced in v5.13.0.
When hid_parse in elo_probe fails, it forgets to call usb_put_dev to
decrease the refcount, leading to memory leak in the Linux kernel.
This is fixed by 817b8b9c5396 [1] and already backported to Linux
stable 5.15 and 5.16.
I am not sure how to request one CVE on the CVE request webpage. Any
help would be appreciated.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=817b8b9c5396d2b2d92311b46719aad5d3339dbe
[2] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fbf42729d0e91332e8ce75a1ecce08b8a2dab9c1
--
My best regards to you.
No System Is Safe!
Dongliang Mu
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic