In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix memory leak in testgensynthcmd() and testemptysynthevent()
testgensynthcmd() only free buf in fail path, hence buf will leak when there is no failure. Add kfree(buf) to prevent the memleak. The same reason and solution in testemptysynthevent().
unreferenced object 0xffff8881127de000 (size 2048): comm "modprobe", pid 247, jiffies 4294972316 (age 78.756s) hex dump (first 32 bytes): 20 67 65 6e 5f 73 79 6e 74 68 5f 74 65 73 74 20 gensynthtest 20 70 69 64 5f 74 20 6e 65 78 74 5f 70 69 64 5f pidt nextpid_ backtrace: [<000000004254801a>] kmalloctrace+0x26/0x100 [<0000000039eb1cf5>] 0xffffffffa00083cd [<000000000e8c3bc8>] 0xffffffffa00086ba [<00000000c293d1ea>] dooneinitcall+0xdb/0x480 [<00000000aa189e6d>] doinitmodule+0x1cf/0x680 [<00000000d513222b>] loadmodule+0x6a50/0x70a0 [<000000001fd4d529>] _dosysfinitmodule+0x12f/0x1c0 [<00000000b36c4c0f>] dosyscall64+0x3f/0x90 [<00000000bbf20cf3>] entrySYSCALL64afterhwframe+0x63/0xcd unreferenced object 0xffff8881127df000 (size 2048): comm "modprobe", pid 247, jiffies 4294972324 (age 78.728s) hex dump (first 32 bytes): 20 65 6d 70 74 79 5f 73 79 6e 74 68 5f 74 65 73 emptysynthtes 74 20 20 70 69 64 5f 74 20 6e 65 78 74 5f 70 69 t pidt nextpi backtrace: [<000000004254801a>] kmalloctrace+0x26/0x100 [<00000000d4db9a3d>] 0xffffffffa0008071 [<00000000c31354a5>] 0xffffffffa00086ce [<00000000c293d1ea>] dooneinitcall+0xdb/0x480 [<00000000aa189e6d>] doinitmodule+0x1cf/0x680 [<00000000d513222b>] loadmodule+0x6a50/0x70a0 [<000000001fd4d529>] _dosysfinitmodule+0x12f/0x1c0 [<00000000b36c4c0f>] dosyscall64+0x3f/0x90 [<00000000bbf20cf3>] entrySYSCALL64afterhwframe+0x63/0xcd
[
{
"id": "CVE-2022-49800-1ae139ed",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"270964343445064923792493313998296653523",
"168299691937164544010569772423891596686",
"173422440430287607868558970379797678340",
"205155304218182578199839777247008646606",
"44381167549949986318863642958925039081",
"140352805678619172557122080427857059275",
"263446203141258492271498056939450472918",
"71895368279000599404494126591526211151",
"315348511062366442983844252709762795642",
"52219103743893578380617712713922241322",
"102301980201115903272518140855288868069",
"161394559929143838650514283414681766393",
"122627408967560345594185961891999059575",
"323617311908144673699818413713906751535",
"263757421604826428448558144920046437395",
"226911815120852882599833510175509357160",
"138325495473912560018652572361277553442",
"71895368279000599404494126591526211151",
"336235332466418654150332014362594787624",
"23401773799796691269748559834758096006"
],
"threshold": 0.9
},
"target": {
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4527fef9afe5c903c718d0cd24609fe9c754250",
"signature_type": "Line"
},
{
"id": "CVE-2022-49800-32422cb7",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1568.0,
"function_hash": "145647130402617145131723219645559193564"
},
"target": {
"function": "test_empty_synth_event",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@07ba4f0603aba288580866394f2916dfe55823a2",
"signature_type": "Function"
},
{
"id": "CVE-2022-49800-39cee228",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1343.0,
"function_hash": "197139322237000015647507447140981927621"
},
"target": {
"function": "test_gen_synth_cmd",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65ba7e7c241122ef0a9e61d1920f2ae9689aa796",
"signature_type": "Function"
},
{
"id": "CVE-2022-49800-4fc344a1",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1568.0,
"function_hash": "145647130402617145131723219645559193564"
},
"target": {
"function": "test_empty_synth_event",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65ba7e7c241122ef0a9e61d1920f2ae9689aa796",
"signature_type": "Function"
},
{
"id": "CVE-2022-49800-5011a6bf",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"270964343445064923792493313998296653523",
"168299691937164544010569772423891596686",
"173422440430287607868558970379797678340",
"205155304218182578199839777247008646606",
"44381167549949986318863642958925039081",
"140352805678619172557122080427857059275",
"263446203141258492271498056939450472918",
"71895368279000599404494126591526211151",
"315348511062366442983844252709762795642",
"52219103743893578380617712713922241322",
"102301980201115903272518140855288868069",
"161394559929143838650514283414681766393",
"122627408967560345594185961891999059575",
"323617311908144673699818413713906751535",
"263757421604826428448558144920046437395",
"226911815120852882599833510175509357160",
"138325495473912560018652572361277553442",
"71895368279000599404494126591526211151",
"336235332466418654150332014362594787624",
"23401773799796691269748559834758096006"
],
"threshold": 0.9
},
"target": {
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@65ba7e7c241122ef0a9e61d1920f2ae9689aa796",
"signature_type": "Line"
},
{
"id": "CVE-2022-49800-70610014",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1343.0,
"function_hash": "197139322237000015647507447140981927621"
},
"target": {
"function": "test_gen_synth_cmd",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4527fef9afe5c903c718d0cd24609fe9c754250",
"signature_type": "Function"
},
{
"id": "CVE-2022-49800-7dffe465",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"270964343445064923792493313998296653523",
"168299691937164544010569772423891596686",
"173422440430287607868558970379797678340",
"205155304218182578199839777247008646606",
"44381167549949986318863642958925039081",
"140352805678619172557122080427857059275",
"263446203141258492271498056939450472918",
"71895368279000599404494126591526211151",
"315348511062366442983844252709762795642",
"52219103743893578380617712713922241322",
"102301980201115903272518140855288868069",
"161394559929143838650514283414681766393",
"122627408967560345594185961891999059575",
"323617311908144673699818413713906751535",
"263757421604826428448558144920046437395",
"226911815120852882599833510175509357160",
"138325495473912560018652572361277553442",
"71895368279000599404494126591526211151",
"336235332466418654150332014362594787624",
"23401773799796691269748559834758096006"
],
"threshold": 0.9
},
"target": {
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@07ba4f0603aba288580866394f2916dfe55823a2",
"signature_type": "Line"
},
{
"id": "CVE-2022-49800-928d39f3",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1568.0,
"function_hash": "145647130402617145131723219645559193564"
},
"target": {
"function": "test_empty_synth_event",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0e5baaa181a052d968701bb9c5b1d55847f00942",
"signature_type": "Function"
},
{
"id": "CVE-2022-49800-b40bc340",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1343.0,
"function_hash": "197139322237000015647507447140981927621"
},
"target": {
"function": "test_gen_synth_cmd",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@07ba4f0603aba288580866394f2916dfe55823a2",
"signature_type": "Function"
},
{
"id": "CVE-2022-49800-e41214ee",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1568.0,
"function_hash": "145647130402617145131723219645559193564"
},
"target": {
"function": "test_empty_synth_event",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a4527fef9afe5c903c718d0cd24609fe9c754250",
"signature_type": "Function"
},
{
"id": "CVE-2022-49800-f1d0044b",
"deprecated": false,
"signature_version": "v1",
"digest": {
"line_hashes": [
"270964343445064923792493313998296653523",
"168299691937164544010569772423891596686",
"173422440430287607868558970379797678340",
"205155304218182578199839777247008646606",
"44381167549949986318863642958925039081",
"140352805678619172557122080427857059275",
"263446203141258492271498056939450472918",
"71895368279000599404494126591526211151",
"315348511062366442983844252709762795642",
"52219103743893578380617712713922241322",
"102301980201115903272518140855288868069",
"161394559929143838650514283414681766393",
"122627408967560345594185961891999059575",
"323617311908144673699818413713906751535",
"263757421604826428448558144920046437395",
"226911815120852882599833510175509357160",
"138325495473912560018652572361277553442",
"71895368279000599404494126591526211151",
"336235332466418654150332014362594787624",
"23401773799796691269748559834758096006"
],
"threshold": 0.9
},
"target": {
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0e5baaa181a052d968701bb9c5b1d55847f00942",
"signature_type": "Line"
},
{
"id": "CVE-2022-49800-f25f09b0",
"deprecated": false,
"signature_version": "v1",
"digest": {
"length": 1343.0,
"function_hash": "197139322237000015647507447140981927621"
},
"target": {
"function": "test_gen_synth_cmd",
"file": "kernel/trace/synth_event_gen_test.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0e5baaa181a052d968701bb9c5b1d55847f00942",
"signature_type": "Function"
}
]