In the Linux kernel, the following vulnerability has been...
Unreviewed
Published
May 1, 2024
to the GitHub Advisory Database
•
Updated May 1, 2024
Description
Published by the National Vulnerability Database
May 1, 2024
Published to the GitHub Advisory Database
May 1, 2024
Last updated
May 1, 2024
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: fix a memleak in gss_import_v2_context
The ctx->mech_used.data allocated by kmemdup is not freed in neither
gss_import_v2_context nor it only caller gss_krb5_import_sec_context,
which frees ctx on error.
Thus, this patch reform the last call of gss_import_v2_context to the
gss_krb5_import_ctx_v2, preventing the memleak while keepping the return
formation.
References