CVE-2022-49821

Summary

In the Linux kernel, the following vulnerability has been resolved:

mISDN: fix possible memory leak in mISDN_dsp_element_register()

Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device's bus_id string array"), the name of device is allocated dynamically, use put_device() to give up the reference, so that the name can be freed in kobject_cleanup() when the refcount is 0.

The 'entry' is going to be freed in mISDN_dsp_dev_release(), so the kfree() is removed. list_del() is called in mISDN_dsp_dev_release(), so it need be initialized.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < bbd53d05c4c892080ef3b617eff4f57903acecb9affected
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < b119bedbefb7dd9ed8bf8cb9f1056504250d610eaffected
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < 727ed7d28348c026c7ef4d852f3d0e5054d376e8affected
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < 0f2c681900a01e3f23789bca26d88268c3d5b51daffected
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < 083a2c9ef82e184bdf0b9f9a1e5fc38d32afbb47affected
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < 7a05e3929668c8cfef495c69752a9e91fac4878faffected
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < d4b8394725079670be309f9a35ad88a8cbbaaefdaffected
LinuxLinux1fa5ae857bb14f6046205171d98506d8112dd74e < 98a2ac1ca8fd6eca6867726fe238d06e75eb1acdaffected
LinuxLinux2.6.30affected
LinuxLinux0 < 2.6.30unaffected
LinuxLinux4.9.334 <= 4.9.*unaffected
LinuxLinux4.14.300 <= 4.14.*unaffected
LinuxLinux4.19.267 <= 4.19.*unaffected
LinuxLinux5.4.225 <= 5.4.*unaffected
LinuxLinux5.10.156 <= 5.10.*unaffected
LinuxLinux5.15.80 <= 5.15.*unaffected
LinuxLinux6.0.10 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References