CVE-2022-49926

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: dsa: Fix possible memory leaks in dsa_loop_init()<br /> <br /> kmemleak reported memory leaks in dsa_loop_init():<br /> <br /> kmemleak: 12 new suspected memory leaks<br /> <br /> unreferenced object 0xffff8880138ce000 (size 2048):<br /> comm "modprobe", pid 390, jiffies 4295040478 (age 238.976s)<br /> backtrace:<br /> [] kmalloc_trace+0x26/0x60<br /> [] phy_device_create+0x5d/0x970<br /> [] get_phy_device+0xf3/0x2b0<br /> [] __fixed_phy_register.part.0+0x92/0x4e0<br /> [] fixed_phy_register+0x84/0xb0<br /> [] dsa_loop_init+0xa9/0x116 [dsa_loop]<br /> ...<br /> <br /> There are two reasons for memleak in dsa_loop_init().<br /> <br /> First, fixed_phy_register() create and register phy_device:<br /> <br /> fixed_phy_register()<br /> get_phy_device()<br /> phy_device_create() # freed by phy_device_free()<br /> phy_device_register() # freed by phy_device_remove()<br /> <br /> But fixed_phy_unregister() only calls phy_device_remove().<br /> So the memory allocated in phy_device_create() is leaked.<br /> <br /> Second, when mdio_driver_register() fail in dsa_loop_init(),<br /> it just returns and there is no cleanup for phydevs.<br /> <br /> Fix the problems by catching the error of mdio_driver_register()<br /> in dsa_loop_init(), then calling both fixed_phy_unregister() and<br /> phy_device_free() to release phydevs.<br /> Also add a function for phydevs cleanup to avoid duplacate.