[pve-devel] [PATCH kvm] fix CVE-2016-7466
Fabian Grünbichler
f.gruenbichler at proxmox.com
Thu Sep 22 08:26:54 CEST 2016
memory leak in usb_xhci_exit
---
...usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch | 32 ++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 33 insertions(+)
create mode 100644 debian/patches/extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch
diff --git a/debian/patches/extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch b/debian/patches/extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch
new file mode 100644
index 0000000..c463161
--- /dev/null
+++ b/debian/patches/extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch
@@ -0,0 +1,32 @@
+From b53dd4495ced2432a0b652ea895e651d07336f7e Mon Sep 17 00:00:00 2001
+From: Li Qiang <liqiang6-s at 360.cn>
+Date: Tue, 13 Sep 2016 03:20:03 -0700
+Subject: [PATCH] usb:xhci:fix memory leak in usb_xhci_exit
+
+If the xhci uses msix, it doesn't free the corresponding
+memory, thus leading a memory leak. This patch avoid this.
+
+Signed-off-by: Li Qiang <liqiang6-s at 360.cn>
+Message-id: 57d7d2e0.d4301c0a.d13e9.9a55 at mx.google.com
+Signed-off-by: Gerd Hoffmann <kraxel at redhat.com>
+---
+ hw/usb/hcd-xhci.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/hw/usb/hcd-xhci.c b/hw/usb/hcd-xhci.c
+index 37c1493..726435c 100644
+--- a/hw/usb/hcd-xhci.c
++++ b/hw/usb/hcd-xhci.c
+@@ -3715,8 +3715,7 @@ static void usb_xhci_exit(PCIDevice *dev)
+ /* destroy msix memory region */
+ if (dev->msix_table && dev->msix_pba
+ && dev->msix_entry_used) {
+- memory_region_del_subregion(&xhci->mem, &dev->msix_table_mmio);
+- memory_region_del_subregion(&xhci->mem, &dev->msix_pba_mmio);
++ msix_uninit(dev, &xhci->mem, &xhci->mem);
+ }
+
+ usb_bus_release(&xhci->bus);
+--
+2.1.4
+
diff --git a/debian/patches/series b/debian/patches/series
index 5c17cf1..b1e63d6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -77,4 +77,5 @@ extra/CVE-2016-7157-scsi-mptconfig-fix-an-assert-expression.patch
extra/CVE-2016-7170-vmsvga-correct-bitmap-and-pixmap-size-checks.patch
extra/CVE-2016-7421-scsi-pvscsi-limit-process-IO-loop-to-ring-size.patch
extra/CVE-2016-7423-scsi-mptsas-use-g_new0-to-allocate-MPTSASRequest-obj.patch
+extra/CVE-2016-7466-usb-xhci-fix-memory-leak-in-usb_xhci_exit.patch
extra/x86-lapic-Load-LAPIC-state-at-post_load.patch
--
2.1.4
More information about the pve-devel
mailing list