Description
In the Linux kernel, the following vulnerability has been resolved: mailbox: zynq-ipi: fix error handling while device_register() fails If device_register() fails, it has two issues: 1. The name allocated by dev_set_name() is leaked. 2. The parent of device is not NULL, device_unregister() is called in zynqmp_ipi_free_mboxes(), it will lead a kernel crash because of removing not added device. Call put_device() to give up the reference, so the name is freed in kobject_cleanup(). Add device registered check in zynqmp_ipi_free_mboxes() to avoid null-ptr-deref.
Product status
4981b82ba2ff87df6a711fcd7a233c615df5fc79 (git) before b3a5c76f61e2b380e29dfc6705854ca1ee85501d
4981b82ba2ff87df6a711fcd7a233c615df5fc79 (git) before a39b4de0804f9fe0ae911b359ffd4afe7d9d933b
4981b82ba2ff87df6a711fcd7a233c615df5fc79 (git) before 4f05d8e2fb3ab702c2633a74571e1b31cb579985
4981b82ba2ff87df6a711fcd7a233c615df5fc79 (git) before f2d63cefc012cafe1b7651bbf3302f8bcd8bea4a
4981b82ba2ff87df6a711fcd7a233c615df5fc79 (git) before 3fcf079958c00d83c51e4f250abf2c77fe9cc1b9
4981b82ba2ff87df6a711fcd7a233c615df5fc79 (git) before a6792a0cdef0b1c2d77920246283a72537e60e94
5.1
Any version before 5.1
5.4.229 (semver)
5.10.163 (semver)
5.15.86 (semver)
6.0.16 (semver)
6.1.2 (semver)
6.2 (original_commit_for_fix)
References
git.kernel.org/...c/b3a5c76f61e2b380e29dfc6705854ca1ee85501d
git.kernel.org/...c/a39b4de0804f9fe0ae911b359ffd4afe7d9d933b
git.kernel.org/...c/4f05d8e2fb3ab702c2633a74571e1b31cb579985
git.kernel.org/...c/f2d63cefc012cafe1b7651bbf3302f8bcd8bea4a
git.kernel.org/...c/3fcf079958c00d83c51e4f250abf2c77fe9cc1b9
git.kernel.org/...c/a6792a0cdef0b1c2d77920246283a72537e60e94
