cve/published/2022/CVE-2022-49912.mbox

From bippy-1.1.0 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@kernel.org>
To: <linux-cve-announce@vger.kernel.org>
Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
Subject: CVE-2022-49912: btrfs: fix ulist leaks in error paths of qgroup self tests

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix ulist leaks in error paths of qgroup self tests

In the test_no_shared_qgroup() and test_multiple_refs() qgroup self tests,
if we fail to add the tree ref, remove the extent item or remove the
extent ref, we are returning from the test function without freeing the
"old_roots" ulist that was allocated by the previous calls to
btrfs_find_all_roots(). Fix that by calling ulist_free() before returning.

The Linux kernel CVE team has assigned CVE-2022-49912 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 4.9.333 with commit d81370396025cf63a7a1b5f8bb25a3479203b2ca
	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 4.14.299 with commit 3f58283d83a588ff5da62fc150de19e798ed2ec2
	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 4.19.265 with commit 203204798831c35d855ecc6417d98267d2d2184b
	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 5.4.224 with commit 5d1a47ebf84540e40b5b43fc21aef0d6c0f627d9
	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 5.10.154 with commit 0a0dead4ad1a2e2a9bdf133ef45111d7c8daef84
	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 5.15.78 with commit f46ea5fa3320dca4fe0c0926b49a5f14cb85de62
	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 6.0.8 with commit da7003434bcab0ae9aba3f2c003e734cae093326
	Issue introduced in 4.2 with commit 442244c9633292a147ab2b29e7007a7c8a3909b2 and fixed in 6.1 with commit d37de92b38932d40e4a251e876cc388f9aee5f42

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2022-49912
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	fs/btrfs/tests/qgroup-tests.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/d81370396025cf63a7a1b5f8bb25a3479203b2ca
	https://git.kernel.org/stable/c/3f58283d83a588ff5da62fc150de19e798ed2ec2
	https://git.kernel.org/stable/c/203204798831c35d855ecc6417d98267d2d2184b
	https://git.kernel.org/stable/c/5d1a47ebf84540e40b5b43fc21aef0d6c0f627d9
	https://git.kernel.org/stable/c/0a0dead4ad1a2e2a9bdf133ef45111d7c8daef84
	https://git.kernel.org/stable/c/f46ea5fa3320dca4fe0c0926b49a5f14cb85de62
	https://git.kernel.org/stable/c/da7003434bcab0ae9aba3f2c003e734cae093326
	https://git.kernel.org/stable/c/d37de92b38932d40e4a251e876cc388f9aee5f42