CVE-2022-49301

In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8712: fix uninit-value in usb_read8() and friends

When r8712usbctrlvendorreq() returns negative, 'data' in usb_read{8,16,32} will not be initialized.

BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:643 [inline] BUG: KMSAN: uninit-value in string+0x4ec/0x6f0 lib/vsprintf.c:725 stringnocheck lib/vsprintf.c:643 [inline] string+0x4ec/0x6f0 lib/vsprintf.c:725 vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806 vaformat lib/vsprintf.c:1704 [inline] pointer+0x18e6/0x1f70 lib/vsprintf.c:2443 vsnprintf+0x1a9b/0x3650 lib/vsprintf.c:2810 vprintkstore+0x537/0x2150 kernel/printk/printk.c:2158 vprintkemit+0x28b/0xab0 kernel/printk/printk.c:2256 devvprintkemit+0x5ef/0x6d0 drivers/base/core.c:4604 devprintkemit+0x1dd/0x21f drivers/base/core.c:4615 _devprintk+0x3be/0x440 drivers/base/core.c:4627 _devinfo+0x1ea/0x22f drivers/base/core.c:4673 r871xudrvinit+0x1929/0x3070 drivers/staging/rtl8712/usbintf.c:401 usbprobeinterface+0xf19/0x1600 drivers/usb/core/driver.c:396 reallyprobe+0x6c7/0x1350 drivers/base/dd.c:621 _driverprobedevice+0x3e9/0x530 drivers/base/dd.c:752 driverprobedevice drivers/base/dd.c:782 [inline] _deviceattachdriver+0x79f/0x1120 drivers/base/dd.c:899 busforeachdrv+0x2d6/0x3f0 drivers/base/bus.c:427 _deviceattach+0x593/0x8e0 drivers/base/dd.c:970 deviceinitialprobe+0x4a/0x60 drivers/base/dd.c:1017 busprobedevice+0x17b/0x3e0 drivers/base/bus.c:487 deviceadd+0x1fff/0x26e0 drivers/base/core.c:3405 usbsetconfiguration+0x37e9/0x3ed0 drivers/usb/core/message.c:2170 usbgenericdriverprobe+0x13c/0x300 drivers/usb/core/generic.c:238 usbprobedevice+0x309/0x570 drivers/usb/core/driver.c:293 reallyprobe+0x6c7/0x1350 drivers/base/dd.c:621 _driverprobedevice+0x3e9/0x530 drivers/base/dd.c:752 driverprobedevice drivers/base/dd.c:782 [inline] _deviceattachdriver+0x79f/0x1120 drivers/base/dd.c:899 busforeachdrv+0x2d6/0x3f0 drivers/base/bus.c:427 _deviceattach+0x593/0x8e0 drivers/base/dd.c:970 deviceinitialprobe+0x4a/0x60 drivers/base/dd.c:1017 busprobedevice+0x17b/0x3e0 drivers/base/bus.c:487 deviceadd+0x1fff/0x26e0 drivers/base/core.c:3405 usbnewdevice+0x1b91/0x2950 drivers/usb/core/hub.c:2566 hubportconnect drivers/usb/core/hub.c:5363 [inline] hubportconnectchange drivers/usb/core/hub.c:5507 [inline] portevent drivers/usb/core/hub.c:5665 [inline] hubevent+0x58e3/0x89e0 drivers/usb/core/hub.c:5747 processonework+0xdb6/0x1820 kernel/workqueue.c:2289 workerthread+0x10d0/0x2240 kernel/workqueue.c:2436 kthread+0x3c7/0x500 kernel/kthread.c:376 retfromfork+0x1f/0x30

Local variable data created at: usbread8+0x5d/0x130 drivers/staging/rtl8712/usbops.c:33 r8712read8+0xa5/0xd0 drivers/staging/rtl8712/rtl8712io.c:29

KMSAN: uninit-value in r871xudrvinit https://syzkaller.appspot.com/bug?id=3cd92b1d85428b128503bfa7a250294c9ae00bd8