摘要:
In the Linux kernel, the following vulnerability has been resolved:
dma-buf/sync_file: Don't leak fences on merge failure
Each add_fence() call does a dma_fence_get() on the relevant fence. In
the error path, we weren't calling dma_fence_put() so all those fences
got leaked. Also, in the krealloc_array failure case, we weren't
freeing the fences array. Instead, ensure that i and fences are always
zero-initialized and dma_fence_put() all the fences and kfree(fences) on
every error path.
安全等级: Low
公告ID: KylinSec-SA-2024-2556
发布日期: 2024年6月3日
关联CVE: CVE-2021-47305
In the Linux kernel, the following vulnerability has been resolved:
dma-buf/sync_file: Don't leak fences on merge failure
Each add_fence() call does a dma_fence_get() on the relevant fence. In
the error path, we weren't calling dma_fence_put() so all those fences
got leaked. Also, in the krealloc_array failure case, we weren't
freeing the fences array. Instead, ensure that i and fences are always
zero-initialized and dma_fence_put() all the fences and kfree(fences) on
every error path.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2021-47305 | KY3.4-4A | kernel | Unaffected |
| CVE-2021-47305 | KY3.4-5A | kernel | Unaffected |
| CVE-2021-47305 | KY3.5.1 | kernel | Unaffected |
| CVE-2021-47305 | V6 | kernel | Unaffected |
