Bugzilla – Bug 1225430
VUL-0: CVE-2021-47519: kernel: can: m_can: m_can_read_fifo: fix memory leak in error branch
Last modified: 2024-05-29 10:41:12 UTC
In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_read_fifo: fix memory leak in error branch In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function jump to the out_fail label and returns without calling m_can_receive_skb(). This means that the skb previously allocated by alloc_can_skb() is not freed. In other terms, this is a memory leak. This patch adds a goto label to destroy the skb if an error occurs. Issue was found with GCC -fanalyzer, please follow the link below for details. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47519 https://www.cve.org/CVERecord?id=CVE-2021-47519 https://git.kernel.org/stable/c/31cb32a590d62b18f69a9a6d433f4e69c74fdd56 https://git.kernel.org/stable/c/75a422165477dd12d2d20aa7c9ee7c9a281c9908 https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2021/CVE-2021-47519.mbox https://bugzilla.redhat.com/show_bug.cgi?id=2283432
All done, closing.