References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

io_uring: fix filename leak in __io_openat_prep()

 __io_openat_prep() allocates a struct filename using getname(). However,
for the condition of the file being installed in the fixed file table as
well as having O_CLOEXEC flag set, the function returns early. At that
point, the request doesn't have REQ_F_NEED_CLEANUP flag set. Due to this,
the memory for the newly allocated struct filename is not cleaned up,
causing a memory leak.

Fix this by setting the REQ_F_NEED_CLEANUP for the request just after the
successful getname() call, so that when the request is torn down, the
filename will be cleaned up, along with other resources needing cleanup.

https://git.kernel.org/stable/c/18b99fa603d0df5e1c898699c17d3b92ddc80746

https://git.kernel.org/stable/c/7fbfb85b05bc960cc50e09d03e5e562131e48d45

https://git.kernel.org/stable/c/8f44c4a550570cd5903625133f938c6b51310c9b

https://git.kernel.org/stable/c/b14fad555302a2104948feaff70503b64c80ac01

https://git.kernel.org/stable/c/e232269d511566b1f80872256a48593acc1becf4