CVE-2022-50343

In the Linux kernel, the following vulnerability has been resolved:

rapidio: fix possible name leaks when rio_add_device() fails

Patch series "rapidio: fix three possible memory leaks".

This patchset fixes three name leaks in error handling.
 - patch #1 fixes two name leaks while rio_add_device() fails.
 - patch #2 fixes a name leak while  rio_register_mport() fails.


This patch (of 2):

If rio_add_device() returns error, the name allocated by dev_set_name()
need be freed.  It should use put_device() to give up the reference in the
error path, so that the name can be freed in kobject_cleanup(), and the
'rdev' can be freed in rio_release_dev().
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.237-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.147-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.41-1
fixed
forky
6.16.3-1
fixed
sid
6.16.7-1
fixed
References
https://git.kernel.org/stable/c/3b4676f274a6b5d001176f15d0542100bbf4b59a
https://git.kernel.org/stable/c/440afd7fd9b164fdde6fc9da8c47d3d7f20dcce8
https://git.kernel.org/stable/c/80fad2e53eaed2b3a2ff596575f65669e13ceda5
https://git.kernel.org/stable/c/85fbf58b15c09d3a6a03098c1e42ebfe9002f39d
https://git.kernel.org/stable/c/88fa351b20ca300693a206ccd3c4b0e0647944d8
https://git.kernel.org/stable/c/c413f65011ff8caffabcde0e1c3ceede48a48d6f
https://git.kernel.org/stable/c/c482cb0deb57924335103fe592c379a076d867f8
https://git.kernel.org/stable/c/ec3f04f74f50d0b6bac04d795c93c2b852753a7a
https://git.kernel.org/stable/c/f9574cd48679926e2a569e1957a5a1bcc8a719ac