Overview
About vulnerability
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails.
The issue occurs when:
- gchan->config points to previously allocated memory
- krealloc() fails and returns NULL
- The function directly assigns NULL to gchan->config, losing the reference to the original memory
- The original memory becomes unreachable and cannot be freed
Fix this by using a temporary variable to hold the krealloc() result and only updating gchan->config when the allocation succeeds.
Found via static analysis and code review.
Details
- Affected product:
- AlmaLinux 9.2 ESU , TuxCare 9.6 ESU , Ubuntu 20.04 ELS
- Affected packages:
- linux @ 5.4.0 (+2 more)
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
Fix a memory leak in gpi_peripheral_config() where the original memory pointed to by gchan->config could be lost if krealloc() fails.
The issue occurs when:
- gchan->config points to previously allocated memory
- krealloc() fails and returns NULL
- The function directly assigns NULL to gchan->config, losing the reference to the original memory
- The original memory becomes unreachable and cannot be freed
Fix this by using a temporary variable to hold the krealloc() result and only updating gchan->config when the allocation succeeds.
Found via static analysis and code review.