diff mbox series

[X,B,CVE-2019-19062,SRU,1/1] crypto: user - fix memory leak in crypto_report

Message ID 20191206100831.21124-2-po-hsu.lin@canonical.com
State New
Headers show
Series Fix for CVE-2019-19062 | expand

Commit Message

Po-Hsu Lin Dec. 6, 2019, 10:08 a.m. UTC 
From: Navid Emamdoost <navid.emamdoost@gmail.com>

CVE-2019-19062

In crypto_report, a new skb is created via nlmsg_new(). This skb should
be released if crypto_report_alg() fails.

Fixes: a38f7907b926 ("crypto: Add userspace configuration API")
Cc: <stable@vger.kernel.org>
Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
(backported from commit ffdde5932042600c6807d46c1550b28b0db6a3bc)
[PHLin: crypto_user.c not renamed yet, backported with the same logic]
Signed-off-by: Po-Hsu Lin <po-hsu.lin@canonical.com>
---
 crypto/crypto_user.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
index 2b8fb8f..c0ad1a1 100644
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@ -288,8 +288,10 @@  static int crypto_report(struct sk_buff *in_skb, struct nlmsghdr *in_nlh,
 drop_alg:
 	crypto_mod_put(alg);
 
-	if (err)
+	if (err) {
+		kfree_skb(skb);
 		return err;
+	}
 
 	return nlmsg_unicast(crypto_nlsk, skb, NETLINK_CB(in_skb).portid);
 }