summaryrefslogtreecommitdiffstats
path: root/recipes-kernel/linux/linux-hierofalcon/ALSA-CVE-2016-2384.patch
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-kernel/linux/linux-hierofalcon/ALSA-CVE-2016-2384.patch')
-rw-r--r--recipes-kernel/linux/linux-hierofalcon/ALSA-CVE-2016-2384.patch41
1 files changed, 41 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-hierofalcon/ALSA-CVE-2016-2384.patch b/recipes-kernel/linux/linux-hierofalcon/ALSA-CVE-2016-2384.patch
new file mode 100644
index 0000000..23fb898
--- /dev/null
+++ b/recipes-kernel/linux/linux-hierofalcon/ALSA-CVE-2016-2384.patch
@@ -0,0 +1,41 @@
1From 1ea63b629c9c53af6cdde4daf166b3d31b3e9cfe Mon Sep 17 00:00:00 2001
2From: Andrey Konovalov <andreyknvl@gmail.com>
3Date: Sat, 13 Feb 2016 11:08:06 +0300
4Subject: ALSA: usb-audio: avoid freeing umidi object twice
5
6[ Upstream commit 07d86ca93db7e5cdf4743564d98292042ec21af7 ]
7
8The 'umidi' object will be free'd on the error path by snd_usbmidi_free()
9when tearing down the rawmidi interface. So we shouldn't try to free it
10in snd_usbmidi_create() after having registered the rawmidi interface.
11
12Found by KASAN.
13
14CVE: CVE-2016-2384
15Upstream-Status: Backport
16
17Signed-off-by: Andrey Konovalov <andreyknvl@gmail.com>
18Acked-by: Clemens Ladisch <clemens@ladisch.de>
19Cc: <stable@vger.kernel.org>
20Signed-off-by: Takashi Iwai <tiwai@suse.de>
21Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
22Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
23---
24 sound/usb/midi.c | 1 -
25 1 file changed, 1 deletion(-)
26
27diff --git a/sound/usb/midi.c b/sound/usb/midi.c
28index bec63e0..f059326 100644
29--- a/sound/usb/midi.c
30+++ b/sound/usb/midi.c
31@@ -2451,7 +2451,6 @@ int snd_usbmidi_create(struct snd_card *card,
32 else
33 err = snd_usbmidi_create_endpoints(umidi, endpoints);
34 if (err < 0) {
35- snd_usbmidi_free(umidi);
36 return err;
37 }
38
39--
40cgit v0.12
41