From patchwork Mon Apr 1 23:12:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bethany Jamison X-Patchwork-Id: 1918581 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4V7mxk42cbz1yZB for ; Tue, 2 Apr 2024 10:12:25 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from ) id 1rrQp7-0001o8-15; Mon, 01 Apr 2024 23:12:17 +0000 Received: from smtp-relay-internal-1.internal ([10.131.114.114] helo=smtp-relay-internal-1.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1rrQp3-0001ng-Fc for kernel-team@lists.ubuntu.com; Mon, 01 Apr 2024 23:12:13 +0000 Received: from mail-io1-f69.google.com (mail-io1-f69.google.com [209.85.166.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id 61DFA3F118 for ; Mon, 1 Apr 2024 23:12:12 +0000 (UTC) Received: by mail-io1-f69.google.com with SMTP id ca18e2360f4ac-7cc01445f6bso526145139f.3 for ; Mon, 01 Apr 2024 16:12:12 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712013130; x=1712617930; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=z/4U48PD/MS4pe5nCuWd7OhUg9l284tQ8y/6R37kea4=; b=pp6kzLUGcDGIIXd16YHe1ywzKjpHOC0ZdqQczSQPx2ZsrMa9iehCwQ7k36qu/tLd1K VpQmcq5jG7fcjN/67tPSUAji9Na+YOTlA997TxKiesAfaQD7b6FFT8gOGfcdJ36ra8gV jpuBVj1WIxui+XRWRWbkHO4jcnNJIIb08XE9fJoifUDpLhEoYpBCEDvaFwud9CT2+vpa Ii4dPgtkGlHNxG1pkrVqnMWbRzTJabQC8bBmVfDIDtxa31Thr+Jw+XphmZtVDRSvWy2M 0n9fDHSdqEwjPIJ/YSVarDEMv4NWHp1emkOEAwEwfVTu6uB5FfdLQn3g+6ggH4BCJAyN WZBA== X-Gm-Message-State: AOJu0Yz6B7HuIScFClm9jpnuKn775szpHdii/qo719Z3z0qZzfFe0Jk7 js6Jco8nECsoStDRQ4k5zbbAJ4dgax6cxkRNwbEk01lFQ2SGp6LFOf7d5dSBjSwmwNiwmG/wOG3 w6vDzr1NfsRYk+Nj4EJ5R5WK7+knBRwnp4SXisgkZWmKWrJm2koQ+qfiUjnLmBnw6PxieboH4LO oKC8oZYkX7rg== X-Received: by 2002:a6b:7c01:0:b0:7d0:c0e4:2ca4 with SMTP id m1-20020a6b7c01000000b007d0c0e42ca4mr6131423iok.12.1712013130474; Mon, 01 Apr 2024 16:12:10 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFcAm/akKNAux3EiZBJrxH4ZvsVSq6wYuYKearaGUxTrbbFZZwm5nH+4AJNXoXxn0nG8sRLNw== X-Received: by 2002:a6b:7c01:0:b0:7d0:c0e4:2ca4 with SMTP id m1-20020a6b7c01000000b007d0c0e42ca4mr6131415iok.12.1712013130112; Mon, 01 Apr 2024 16:12:10 -0700 (PDT) Received: from smtp.gmail.com (104-218-69-129.dynamic.lnk.ne.allofiber.net. [104.218.69.129]) by smtp.gmail.com with ESMTPSA id z35-20020a0293a6000000b0047d678aab4asm2902260jah.22.2024.04.01.16.12.09 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 01 Apr 2024 16:12:09 -0700 (PDT) From: Bethany Jamison To: kernel-team@lists.ubuntu.com Subject: [SRU][F][PATCH 0/2] CVE-2021-47070 Date: Mon, 1 Apr 2024 18:12:06 -0500 Message-Id: <20240401231208.58101-1-bethany.jamison@canonical.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" [Impact] In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probe function is never freed in the error handling path. Add the missing 'vmbus_free_ring()' call. Note that it is already freed in the .remove function. [Fix] Mantic: not-affected Jammy: not-affected Focal: Fix and prereq commits were cleanly cherry-picked. Bionic: not-affected Xenial: not-affected Trusty: not-affected [Test Case] Compile and boot tested. [Where problems could occur] This fix affects those who use the hyper-v UIO driver, issues with the fix would be visible with loss of memory resources including slower performance and potentially a future system crash. Alexandru Ardelean (1): uio: uio_hv_generic: use devm_kzalloc() for private data alloc Christophe JAILLET (1): uio_hv_generic: Fix another memory leak in error handling paths drivers/uio/uio_hv_generic.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) Acked-by: Portia Stephens Acked-by: Tim Gardner