Description
In the Linux kernel, the following vulnerability has been resolved: RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path Sashiko points out that pvrdma_uar_free() is already called within pvrdma_dealloc_ucontext(), so calling it before triggers a double free.
Product status
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before 269967d7693304e1f06ed2dff4ebbbeeb397cda4
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before 1df5711121cdc11e76b889408fdbe459feba1d39
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before 3a231c34c5bc3d3cfc850b877758ec9fdaa8a483
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before ecc36a82ecfcfdf3c6606d209f22ec5543c410e0
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before 45d25e3ec17900bf5a9d6876ff16ceee31c4c0e0
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before 0c63333ff97bd1275294fd12840a0efe9d7a4c59
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before 935ee27d0904aa944cbcc979094c20e5ef62eead
29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1 (git) before e38e86995df27f1f854063dab1f0c6a513db3faf
4.10
Any version before 4.10
5.10.258 (semver)
5.15.209 (semver)
6.1.175 (semver)
6.6.140 (semver)
6.12.88 (semver)
6.18.30 (semver)
7.0.7 (semver)
7.1-rc3 (original_commit_for_fix)
References
git.kernel.org/...c/269967d7693304e1f06ed2dff4ebbbeeb397cda4
git.kernel.org/...c/1df5711121cdc11e76b889408fdbe459feba1d39
git.kernel.org/...c/3a231c34c5bc3d3cfc850b877758ec9fdaa8a483
git.kernel.org/...c/ecc36a82ecfcfdf3c6606d209f22ec5543c410e0
git.kernel.org/...c/45d25e3ec17900bf5a9d6876ff16ceee31c4c0e0
git.kernel.org/...c/0c63333ff97bd1275294fd12840a0efe9d7a4c59
git.kernel.org/...c/935ee27d0904aa944cbcc979094c20e5ef62eead
git.kernel.org/...c/e38e86995df27f1f854063dab1f0c6a513db3faf