Description
In the Linux kernel, the following vulnerability has been resolved: rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() When idtab allocation fails, net is not registered with rio_add_net() yet, so kfree(net) is sufficient to release the memory. Set mport->net to NULL to avoid dangling pointer.
Product status
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before 83e579c2f7f6b1706323d744833b26470049dcc2
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before 34a4f233df5eef5f1f113b2196142c0568b387f8
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before fecf292c6691970897396190855aa38826b7104e
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before 649c2e853608cad0b0cba545555d168e67f094b3
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before 87272e3e70ec4b666885bd520ff77463c11444ef
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before e5a732bfe29451e16abf9c6f07ce5948b22f3d59
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before 78812c4fb7ed242d5961bf1337a49070d6487c94
e6b585ca6e81badeb3d42db3cc408174f2826034 (git) before 666183dcdd9ad3b8156a1df7f204f728f720380f
4.6
Any version before 4.6
5.10.252 (semver)
5.15.202 (semver)
6.1.165 (semver)
6.6.128 (semver)
6.12.75 (semver)
6.18.16 (semver)
6.19.6 (semver)
7.0 (original_commit_for_fix)
References
git.kernel.org/...c/83e579c2f7f6b1706323d744833b26470049dcc2
git.kernel.org/...c/34a4f233df5eef5f1f113b2196142c0568b387f8
git.kernel.org/...c/fecf292c6691970897396190855aa38826b7104e
git.kernel.org/...c/649c2e853608cad0b0cba545555d168e67f094b3
git.kernel.org/...c/87272e3e70ec4b666885bd520ff77463c11444ef
git.kernel.org/...c/e5a732bfe29451e16abf9c6f07ce5948b22f3d59
git.kernel.org/...c/78812c4fb7ed242d5961bf1337a49070d6487c94
git.kernel.org/...c/666183dcdd9ad3b8156a1df7f204f728f720380f