2 matches found
SUSE CVE-2022-50707
In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...
CVE-2022-50707
CVE-2022-50707 concerns the Linux kernel virtio-crypto memory leak in virtio_crypto_alg_skcipher_close_session(). The issue occurs because the allocated vc_ctrl_req is freed only in the success path, while its error path (invalid ctrl_status->status) fails to release it, causing a memory leak....