In the Linux kernel, the following vulnerability has been resolved:
misc: ocxl: fix possible double free in ocxlfileregister_afu
inforelease() will be called in deviceunregister() when info->dev's reference count is 0. So there is no need to call ocxlafuput() and kfree() again.
Fix this by adding freeminor() and return to errunregister error path.
{ "vanir_signatures": [ { "target": { "file": "drivers/misc/ocxl/file.c" }, "signature_version": "v1", "id": "CVE-2022-49455-0c3c8ee1", "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de65c32ace9aa70d51facc61ba986607075e3a25", "digest": { "threshold": 0.9, "line_hashes": [ "301314504051512484303051236633739002022", "130414002484170313404747207352277776265", "291560131549637626357946193255208934669", "13384829115373466765175872148906012467", "332155516186387297126954617534444123721" ] }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c", "function": "ocxl_file_register_afu" }, "signature_version": "v1", "id": "CVE-2022-49455-0d518259", "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@252768d32e92c1214aeebb5fec0844ca479bcf5c", "digest": { "length": 1044.0, "function_hash": "310132864094955398028967129348830630468" }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c", "function": "ocxl_file_register_afu" }, "signature_version": "v1", "id": "CVE-2022-49455-3c765eed", "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9e9087cf34ee69f4e95d146ac29385d6e367a97b", "digest": { "length": 1044.0, "function_hash": "310132864094955398028967129348830630468" }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c", "function": "ocxl_file_register_afu" }, "signature_version": "v1", "id": "CVE-2022-49455-435cbb19", "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@950cf957fe34d40d63dfa3bf3968210430b6491e", "digest": { "length": 1044.0, "function_hash": "310132864094955398028967129348830630468" }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c" }, "signature_version": "v1", "id": "CVE-2022-49455-5122c12d", "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ee89d8dee55ab4b3b8ad8b70866b2841ba334767", "digest": { "threshold": 0.9, "line_hashes": [ "301314504051512484303051236633739002022", "130414002484170313404747207352277776265", "291560131549637626357946193255208934669", "13384829115373466765175872148906012467", "332155516186387297126954617534444123721" ] }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c", "function": "ocxl_file_register_afu" }, "signature_version": "v1", "id": "CVE-2022-49455-78c629e9", "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@de65c32ace9aa70d51facc61ba986607075e3a25", "digest": { "length": 1044.0, "function_hash": "310132864094955398028967129348830630468" }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c" }, "signature_version": "v1", "id": "CVE-2022-49455-7fa46d84", "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@950cf957fe34d40d63dfa3bf3968210430b6491e", "digest": { "threshold": 0.9, "line_hashes": [ "301314504051512484303051236633739002022", "130414002484170313404747207352277776265", "291560131549637626357946193255208934669", "13384829115373466765175872148906012467", "332155516186387297126954617534444123721" ] }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c" }, "signature_version": "v1", "id": "CVE-2022-49455-82b99aa6", "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8fb674216835e1f0c143762696d645facebb4685", "digest": { "threshold": 0.9, "line_hashes": [ "301314504051512484303051236633739002022", "130414002484170313404747207352277776265", "291560131549637626357946193255208934669", "13384829115373466765175872148906012467", "332155516186387297126954617534444123721" ] }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c", "function": "ocxl_file_register_afu" }, "signature_version": "v1", "id": "CVE-2022-49455-82d0dbb2", "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8fb674216835e1f0c143762696d645facebb4685", "digest": { "length": 1044.0, "function_hash": "310132864094955398028967129348830630468" }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c" }, "signature_version": "v1", "id": "CVE-2022-49455-a4025699", "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@252768d32e92c1214aeebb5fec0844ca479bcf5c", "digest": { "threshold": 0.9, "line_hashes": [ "301314504051512484303051236633739002022", "130414002484170313404747207352277776265", "291560131549637626357946193255208934669", "13384829115373466765175872148906012467", "332155516186387297126954617534444123721" ] }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c" }, "signature_version": "v1", "id": "CVE-2022-49455-af98fa32", "signature_type": "Line", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9e9087cf34ee69f4e95d146ac29385d6e367a97b", "digest": { "threshold": 0.9, "line_hashes": [ "301314504051512484303051236633739002022", "130414002484170313404747207352277776265", "291560131549637626357946193255208934669", "13384829115373466765175872148906012467", "332155516186387297126954617534444123721" ] }, "deprecated": false }, { "target": { "file": "drivers/misc/ocxl/file.c", "function": "ocxl_file_register_afu" }, "signature_version": "v1", "id": "CVE-2022-49455-b208ff56", "signature_type": "Function", "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ee89d8dee55ab4b3b8ad8b70866b2841ba334767", "digest": { "length": 1044.0, "function_hash": "310132864094955398028967129348830630468" }, "deprecated": false } ] }