| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025050123-CVE-2022-49793-f63c@gregkh>
Date: Thu, 1 May 2025 16:09:43 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...nel.org>
Subject: CVE-2022-49793: iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
From: Greg Kroah-Hartman <gregkh@...nel.org>
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()
dev_set_name() allocates memory for name, it need be freed
when device_add() fails, call put_device() to give up the
reference that hold in device_initialize(), so that it can
be freed in kobject_cleanup() when the refcount hit to 0.
Fault injection test can trigger this:
unreferenced object 0xffff8e8340a7b4c0 (size 32):
comm "modprobe", pid 243, jiffies 4294678145 (age 48.845s)
hex dump (first 32 bytes):
69 69 6f 5f 73 79 73 66 73 5f 74 72 69 67 67 65 iio_sysfs_trigge
72 00 a7 40 83 8e ff ff 00 86 13 c4 f6 ee ff ff r..@............
backtrace:
[<0000000074999de8>] __kmem_cache_alloc_node+0x1e9/0x360
[<00000000497fd30b>] __kmalloc_node_track_caller+0x44/0x1a0
[<000000003636c520>] kstrdup+0x2d/0x60
[<0000000032f84da2>] kobject_set_name_vargs+0x1e/0x90
[<0000000092efe493>] dev_set_name+0x4e/0x70
The Linux kernel CVE team has assigned CVE-2022-49793 to this issue.
Affected and fixed versions
===========================
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 4.9.334 with commit f68c96821b61d2c71a35dbb8bf90c347fad624d9
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 4.14.300 with commit 5a39382aa5411d64b25a71516c2c7480aab13bb7
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 4.19.267 with commit b47bb521961f027b4dcf8683337a7a1ba9e5ea1f
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 5.4.225 with commit 0dd52e141afde089304de470148d311b05c14564
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 5.10.156 with commit 8dddf2699da296c84205582aaead6b43dd7e8c4b
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 5.15.80 with commit 656f670613662b6cc77aad14112db2803ad18fa8
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 6.0.10 with commit 2c4e65285bdea23fd36d2ff376006ac64db6f42e
Issue introduced in 3.0 with commit 1f785681a87068f123d3e23da13b2c55ab4f93ac and fixed in 6.1 with commit efa17e90e1711bdb084e3954fa44afb6647331c0
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2022-49793
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
drivers/iio/trigger/iio-trig-sysfs.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/f68c96821b61d2c71a35dbb8bf90c347fad624d9
https://git.kernel.org/stable/c/5a39382aa5411d64b25a71516c2c7480aab13bb7
https://git.kernel.org/stable/c/b47bb521961f027b4dcf8683337a7a1ba9e5ea1f
https://git.kernel.org/stable/c/0dd52e141afde089304de470148d311b05c14564
https://git.kernel.org/stable/c/8dddf2699da296c84205582aaead6b43dd7e8c4b
https://git.kernel.org/stable/c/656f670613662b6cc77aad14112db2803ad18fa8
https://git.kernel.org/stable/c/2c4e65285bdea23fd36d2ff376006ac64db6f42e
https://git.kernel.org/stable/c/efa17e90e1711bdb084e3954fa44afb6647331c0
Powered by blists - more mailing lists