In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails. The issue occurs when: 1. gchan->config points to previously allocated memory 2. krealloc() fails and returns NULL 3. The function directly assigns NULL to gchan->config, losing the reference to the original memory 4. The original memory becomes unreachable and cannot be freed Fix this by using a temporary variable to hold the krealloc() result and only updating gchan->config when the allocation succeeds. Found via static analysis and code review.
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta: dmaengine: qcom: gpi: Corrección de fuga de memoria en gpi_peripheral_config() Corrige una fuga de memoria en gpi_peripheral_config() donde la memoria original apuntada por gchan->config podría perderse si krealloc() falla. El problema ocurre cuando: 1. gchan->config apunta a memoria previamente asignada 2. krealloc() falla y devuelve NULL 3. La función asigna directamente NULL a gchan->config, perdiendo la referencia a la memoria original 4. La memoria original se vuelve inalcanzable y no puede ser liberada Corrige esto utilizando una variable temporal para contener el resultado de krealloc() y actualizando gchan->config solo cuando la asignación tiene éxito. Encontrado mediante análisis estático y revisión de código.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | NONE |
| Integrity Impact | NONE |
| Availability Impact | HIGH |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-401
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| linux | linux_kernel | * | <built-in method update of dict object at 0x7f76027430c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x7f7636728280> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x7f76367292c0> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x7f763672b740> | Operating System |
| linux | linux_kernel | * | <built-in method update of dict object at 0x7f7602742380> | Operating System |
| linux | linux_kernel | 5.11 | <built-in method update of dict object at 0x7f7602743140> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f763672b340> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f763672af00> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f76367298c0> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f76394ccc00> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f763672be00> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f763672b680> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f763672bfc0> | Operating System |
| linux | linux_kernel | 6.19 | <built-in method update of dict object at 0x7f763672a400> | Operating System |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:5.11:-:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc1:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc2:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc3:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc4:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc5:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc6:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc7:*:*:*:*:*:* |
| Yes | cpe:2.3:o:linux:linux_kernel:6.19:rc8:*:*:*:*:*:* |