blob: 6be77e3b4f155618e01a2e345b2829dedea7db39 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Description: [media] hdpvr: Fix an error handling path in hdpvr_probe()
References:
https://patchwork.kernel.org/patch/9966135/
Notes:
bwh> I believe this CVE is for passing a zeroed work_struct to
bwh> flush_work(), leading to an oops (denial of service). That
bwh> was introduced in 4.8 by commit 5612e191ca1f "[media] hdpvr:
bwh> Remove deprecated create_singlethread_workqueue". The patch
bwh> fixing this also fixes memory leaks on the failure path which
bwh> have been present for much longer.
Bugs:
upstream: released (4.16-rc1) [c0f71bbb810237a38734607ca4599632f7f5d47f]
4.9-upstream-stable: released (4.9.82) [198a7ddaf5d2c76130b28f19ed6d768860ea2b8e]
3.16-upstream-stable: N/A "Vulnerable code not present"
3.2-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.14.7-1) [bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch]
4.9-stretch-security: released (4.9.65-3+deb9u1) [bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch]
3.16-jessie-security: N/A "Vulnerable code not present"
3.2-wheezy-security: N/A "Vulnerable code not present"
|