CVE-2022-49191

In the Linux kernel, the following vulnerability has been resolved:

mxser: fix xmit_buf leak in activate when LSR == 0xff

When LSR is 0xff in ->activate() (rather unlike), we return an error.
Provided ->shutdown() is not called when ->activate() fails, nothing
actually frees the buffer in this case.

Fix this by properly freeing the buffer in a designated label. We jump
there also from the "!info->type" if now too.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
References
https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d
https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0f
https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690
https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7c
https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edc
https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370a
https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576
https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcdd
https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4