CVE-2022-49530

Severity CVSS v4.0: Pending analysis
Type: CWE-415 Double Free
Publication date: 26/02/2025
Last modified: 01/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amd/pm: fix double free in si_parse_power_table()

In function si_parse_power_table(), array adev->pm.dpm.ps and its member is allocated. If the allocation of each member fails, the array itself is freed and returned with an error code. However, the array is later freed again in si_dpm_fini() function which is called when the function returns an error.

This leads to potential double free of the array adev->pm.dpm.ps, as well as leak of its array members, since the members are not freed in the allocation function and the array is not nulled when freed. In addition adev->pm.dpm.num_ps, which keeps track of the allocated array member, is not updated until the member allocation is successfully finished, this could also lead to either use after free, or uninitialized variable access in si_dpm_fini().

Fix this by postponing the free of the array until si_dpm_fini() and increment adev->pm.dpm.num_ps every time the array member is allocated.
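The ownership problem described above can be reproduced in a small user-space model, added here as an illustration and not taken from the kernel source. The struct layouts, the `fixed` switch, the fault-injecting allocator `t_alloc` and the quarantine table that records frees instead of performing them twice are all assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>

struct ps  { void *priv; };                    /* one power state entry (hypothetical layout) */
struct dpm { struct ps *ps; int num_ps; };     /* stands in for adev->pm.dpm */
/* Quarantine table: frees are only recorded, memory is released at the end of run(). */
static struct { void *p; int freed; } tab[8];
static int n_tab, allocs, fail_at, double_frees;

static void *t_alloc(size_t n) {               /* the fail_at-th call returns NULL */
    if (++allocs == fail_at) return NULL;
    tab[n_tab].p = calloc(1, n);
    tab[n_tab].freed = 0;
    return tab[n_tab++].p;
}
static void t_free(void *p) {                  /* a second free of p is counted, not executed */
    for (int i = 0; p && i < n_tab; i++)
        if (tab[i].p == p) { if (tab[i].freed++) double_frees++; return; }
}
static int parse_power_table(struct dpm *d, int n, int fixed) {
    d->ps = t_alloc(n * sizeof(*d->ps));
    if (!d->ps) return -1;
    for (int i = 0; i < n; i++) {
        void *priv = t_alloc(16);
        if (!priv) {
            if (!fixed) t_free(d->ps);         /* old: freed here, d->ps left dangling */
            return -1;                         /* fixed: cleanup is left to dpm_fini() */
        }
        d->ps[i].priv = priv;
        if (fixed) d->num_ps++;                /* fixed: count each member once allocated */
    }
    if (!fixed) d->num_ps = n;                 /* old: count set only after full success */
    return 0;
}
static void dpm_fini(struct dpm *d) {          /* also runs when parsing failed */
    for (int i = 0; i < d->num_ps; i++) t_free(d->ps[i].priv);
    t_free(d->ps);
    d->ps = NULL; d->num_ps = 0;
}
static int run(int fixed, int k, int *leaked) { /* fail k-th alloc; returns double frees */
    struct dpm d = {0};
    n_tab = allocs = double_frees = 0; fail_at = k; *leaked = 0;
    parse_power_table(&d, 4, fixed);
    dpm_fini(&d);
    for (int i = 0; i < n_tab; i++) { *leaked += !tab[i].freed; free(tab[i].p); }
    return double_frees;
}
int main(void) {
    int l0, l1, d0 = run(0, 3, &l0), d1 = run(1, 3, &l1);
    printf("old: double_frees=%d leaked=%d | fixed: double_frees=%d leaked=%d\n", d0, l0, d1, l1);
    return 0;
}
```

Failing the third allocation (the second array member) makes the old path free the array twice and leak the first member, while the fixed path releases every block exactly once.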

Vulnerable products and versions

| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | | 4.9.318 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.10 (including) | 4.14.283 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.247 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.198 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.121 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.46 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.17.14 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.18 (including) | 5.18.3 (excluding) |