rpms/kernel
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix CVE-2019-19077 rhbz 1775724 1775725

Browse source
This commit is contained in:
Justin M. Forbes 2019-11-22 12:59:44 -06:00
commit 3f3e2cef37
2 changed files with 38 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

33
0001-RDMA-Fix-goto-target-to-release-the-allocated-memory.patch Normal file
View file

@ -0,0 +1,33 @@
From 4a9d46a9fe14401f21df69cea97c62396d5fb053 Mon Sep 17 00:00:00 2001
From: Navid Emamdoost <navid.emamdoost@gmail.com>
Date: Tue, 10 Sep 2019 17:21:19 -0500
Subject: [PATCH] RDMA: Fix goto target to release the allocated memory
In bnxt_re_create_srq(), when ib_copy_to_udata() fails allocated memory
should be released by goto fail.
Fixes: 37cb11acf1f7 ("RDMA/bnxt_re: Add SRQ support for Broadcom adapters")
Link: https://lore.kernel.org/r/20190910222120.16517-1-navid.emamdoost@gmail.com
Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
Reviewed-by: Jason Gunthorpe <jgg@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
---
drivers/infiniband/hw/bnxt_re/ib_verbs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/infiniband/hw/bnxt_re/ib_verbs.c b/drivers/infiniband/hw/bnxt_re/ib_verbs.c
index f9e97d0cc459..b4149dc9e824 100644
--- a/drivers/infiniband/hw/bnxt_re/ib_verbs.c
+++ b/drivers/infiniband/hw/bnxt_re/ib_verbs.c
@@ -1398,7 +1398,7 @@ int bnxt_re_create_srq(struct ib_srq *ib_srq,
dev_err(rdev_to_dev(rdev), "SRQ copy to udata failed!");
bnxt_qplib_destroy_srq(&rdev->qplib_res,
&srq->qplib_srq);
- goto exit;
+ goto fail;
}
}
if (nq)
--
2.23.0

5
kernel.spec
View file

@ -643,6 +643,8 @@ Patch523: 0001-nl80211-fix-memory-leak-in-nl80211_get_ftm_responder.patch
# CVE-2019-19054 rhbz 1775063 1775117
Patch524: media-rc-prevent-memory-leak-in-cx23888_ir_probe.patch
# CVE-2019-19077 rhbz 1775724 1775725
Patch525: 0001-RDMA-Fix-goto-target-to-release-the-allocated-memory.patch
# END OF PATCH DEFINITIONS
@ -1881,6 +1883,9 @@ fi
#
#
%changelog
* Fri Nov 22 2019 Justin M. Forbes <jforbes@fedoraproject.org>
- Fix CVE-2019-19077 rhbz 1775724 1775725
* Thu Nov 21 2019 Justin M. Forbes <jforbes@fedoraproject.org> - 5.3.12-100
- Fix CVE-2019-19074 (rhbz 1774933 1774934)
- Fix CVE-2019-19073 (rhbz 1774937 1774939)