cve/published/2020/CVE-2020-36777.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2020-36777: media: dvbdev: Fix memory leak in dvb_media_device_free()

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 media: dvbdev: Fix memory leak in dvb_media_device_free()

 dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn`
 before setting it to NULL, as documented in include/media/media-device.h:
 "The media_entity instance itself must be freed explicitly by the driver
 if required."

 The Linux kernel CVE team has assigned CVE-2020-36777 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 4.9.269 with commit 06854b943e0571ccbd7ad0a529babed1a98ff275
 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 4.14.233 with commit 32168ca1f123316848fffb85d059860adf3c409f
 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 4.19.191 with commit cd89f79be5d553c78202f686e8e4caa5fbe94e98
 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.4.118 with commit 9185b3b1c143b8da409c19ac5a785aa18d67a81b
 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.10.36 with commit 43263fd43083e412311fa764cd04a727b0c6a749
 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.11.20 with commit 9ad15e214fcd73694ea51967d86055f47b802066
 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.12.3 with commit cede24d13be6c2a62be6d7ceea63c2719b0cfa82
 	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.13 with commit bf9a40ae8d722f281a2721779595d6df1c33a0bf

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2020-36777
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/media/dvb-core/dvbdev.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/06854b943e0571ccbd7ad0a529babed1a98ff275
 	https://git.kernel.org/stable/c/32168ca1f123316848fffb85d059860adf3c409f
 	https://git.kernel.org/stable/c/cd89f79be5d553c78202f686e8e4caa5fbe94e98
 	https://git.kernel.org/stable/c/9185b3b1c143b8da409c19ac5a785aa18d67a81b
 	https://git.kernel.org/stable/c/43263fd43083e412311fa764cd04a727b0c6a749
 	https://git.kernel.org/stable/c/9ad15e214fcd73694ea51967d86055f47b802066
 	https://git.kernel.org/stable/c/cede24d13be6c2a62be6d7ceea63c2719b0cfa82
 	https://git.kernel.org/stable/c/bf9a40ae8d722f281a2721779595d6df1c33a0bf
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2020-36777: media: dvbdev: Fix memory leak in dvb_media_device_free()

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	media: dvbdev: Fix memory leak in dvb_media_device_free()

	dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn`
	before setting it to NULL, as documented in include/media/media-device.h:
	"The media_entity instance itself must be freed explicitly by the driver
	if required."

	The Linux kernel CVE team has assigned CVE-2020-36777 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 4.9.269 with commit 06854b943e0571ccbd7ad0a529babed1a98ff275
	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 4.14.233 with commit 32168ca1f123316848fffb85d059860adf3c409f
	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 4.19.191 with commit cd89f79be5d553c78202f686e8e4caa5fbe94e98
	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.4.118 with commit 9185b3b1c143b8da409c19ac5a785aa18d67a81b
	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.10.36 with commit 43263fd43083e412311fa764cd04a727b0c6a749
	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.11.20 with commit 9ad15e214fcd73694ea51967d86055f47b802066
	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.12.3 with commit cede24d13be6c2a62be6d7ceea63c2719b0cfa82
	Issue introduced in 4.5 with commit 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a and fixed in 5.13 with commit bf9a40ae8d722f281a2721779595d6df1c33a0bf

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2020-36777
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/media/dvb-core/dvbdev.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/06854b943e0571ccbd7ad0a529babed1a98ff275
	https://git.kernel.org/stable/c/32168ca1f123316848fffb85d059860adf3c409f
	https://git.kernel.org/stable/c/cd89f79be5d553c78202f686e8e4caa5fbe94e98
	https://git.kernel.org/stable/c/9185b3b1c143b8da409c19ac5a785aa18d67a81b
	https://git.kernel.org/stable/c/43263fd43083e412311fa764cd04a727b0c6a749
	https://git.kernel.org/stable/c/9ad15e214fcd73694ea51967d86055f47b802066
	https://git.kernel.org/stable/c/cede24d13be6c2a62be6d7ceea63c2719b0cfa82
	https://git.kernel.org/stable/c/bf9a40ae8d722f281a2721779595d6df1c33a0bf