Unverified Commit 10cb5136 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!8395 5.10: fix CVE-2024-35978 

Merge Pull Request from: @ci-robot 
 
PR sync from: Wupeng Ma <mawupeng1@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/LV3QLUP74BOXQYBYXTXUATN7GCATDKQV/ 
From: Ma Wupeng <mawupeng1@huawei.com>

fix CVE-2024-35978.

Dmitry Antipov (1):
  Bluetooth: Fix memory leak in hci_req_sync_complete()


-- 
2.25.1
 
https://gitee.com/src-openeuler/kernel/issues/I9QRBX 
 
Link:https://gitee.com/openeuler/kernel/pulls/8395

 

Reviewed-by: default avatarKefeng Wang <wangkefeng.wang@huawei.com>
Reviewed-by: default avatarYue Haibing <yuehaibing@huawei.com>
Signed-off-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
parents 612281a8 1fb35485

net/bluetooth/hci_request.c

+3 −1
Original line number Diff line number Diff line
@@ -107,8 +107,10 @@ static void hci_req_sync_complete(struct hci_dev *hdev, u8 result, u16 opcode, 
	if (hdev->req_status == HCI_REQ_PEND) {

		hdev->req_result = result;

		hdev->req_status = HCI_REQ_DONE;

		if (skb)

		if (skb) {

			kfree_skb(hdev->req_skb);

			hdev->req_skb = skb_get(skb);

		}

		wake_up_interruptible(&hdev->req_wait_q);

	}

}