In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compat_insnlist() compat_insnlist()
handles the 32-bit version of the COMEDI_INSNLIST
ioctl (whenwhen CONFIG_COMPAT
is enabled). It allocates memory to temporarily hold an array of struct comedi_insn
converted from the 32-bit version in user space. This memory is only being freed if there is a fault while filling the array, otherwise it is leaked. Add a call to kfree()
to fix the leak.