In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compat_insnlist() compat_insnlist()
handles the 32-bit version of the COMEDI_INSNLIST
ioctl (whenwhen CONFIG_COMPAT
is enabled). It allocates memory to temporarily hold an array of struct comedi_insn
converted from the 32-bit version in user space. This memory is only being freed if there is a fault while filling the array, otherwise it is leaked. Add a call to kfree()
to fix the leak.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | linux | < 5.14.9-1 | linux_5.14.9-1_all.deb |
Debian | 11 | all | linux | < 5.10.70-1 | linux_5.10.70-1_all.deb |
Debian | 999 | all | linux | < 5.14.9-1 | linux_5.14.9-1_all.deb |
Debian | 13 | all | linux | < 5.14.9-1 | linux_5.14.9-1_all.deb |