ACK: [SRU][F][PATCH 0/1] CVE-2022-48863
Aaron Jauregui
aaron.jauregui at canonical.com
Wed Aug 14 00:40:17 UTC 2024
On Mon, Aug 12, 2024 at 04:19:52PM -0500, Bethany Jamison wrote:
> [Impact]
>
> mISDN: Fix memory leak in dsp_pipeline_build()
>
> dsp_pipeline_build() allocates dup pointer by kstrdup(cfg),
> but then it updates dup variable by strsep(&dup, "|").
> As a result when it calls kfree(dup), the dup variable contains NULL.
>
> Found by Linux Driver Verification project (linuxtesting.org) with SVACE.
>
> [Fix]
>
> Noble: not-affected
> Jammy: not-affected
> Focal: Backport - ignored context conflict from neighboring line, should
> not affect fix
> Bionic: fix sent to esm ML
> Xenial: fix sent to esm ML
> Trusty: won't fix
>
> [Test Case]
>
> Compiled
>
> [Where problems could occur]
>
> This fix affects those who use pipelined audio processing, an issue with
> this fix would be visible to the user via a decrease in system performance.
>
> Alexey Khoroshilov (1):
> mISDN: Fix memory leak in dsp_pipeline_build()
>
> drivers/isdn/mISDN/dsp_pipeline.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
Acked-by: Aaron Jauregui <aaron.jauregui at canonical.com>
More information about the kernel-team
mailing list