CVE-2022-49951

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/06/2025
Last modified:
18/06/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

firmware_loader: Fix use-after-free during unregister

In the following code within firmware_upload_unregister(), the call to device_unregister() could result in the dev_release function freeing the fw_upload_priv structure before it is dereferenced for the call to module_put(). This bug was found by the kernel test robot using CONFIG_KASAN while running the firmware selftests.

    device_unregister(&fw_sysfs->dev);
    module_put(fw_upload_priv->module);

The problem is fixed by copying fw_upload_priv->module to a local variable for use when calling device_unregister().
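
The ordering problem described above, as an added userspace C model (not the kernel's code and not part of the CVE record). `dev_release`, `device_unregister` and `module_put` are simplified stand-ins, and the `quarantine` pointer and the 0x6b poison byte are assumptions that defer the real free so the stale read stays defined and can be observed.

```c
/* Added userspace model of the ordering bug; all types are simplified stand-ins. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct module { int refcnt; };
struct fw_upload_priv { struct module *module; };
struct fw_sysfs { struct fw_upload_priv *priv; int dev_refs; };

static struct module mod = { 1 };
static void *quarantine; /* assumption: poisoned block whose real free() is deferred */
static void module_put(struct module *m) { m->refcnt--; }

/* Stand-in for dev_release: runs on the last reference and releases priv. */
static void dev_release(struct fw_sysfs *s)
{
    memset(s->priv, 0x6b, sizeof(*s->priv)); /* poison so a stale read is visible */
    quarantine = s->priv;
    s->priv = NULL;
}

static void device_unregister(struct fw_sysfs *s) { if (--s->dev_refs == 0) dev_release(s); }

/* Returns 1 if the pointer handed to module_put() is still the real module. */
static int put_target_valid(int copy_first)
{
    struct module *want = &mod, *module = NULL;
    struct fw_upload_priv *priv = malloc(sizeof(*priv));
    struct fw_sysfs s = { priv, 1 };
    int ok;
    if (!priv) abort();
    priv->module = &mod;
    if (copy_first)
        module = priv->module;   /* fixed order: read before unregister */
    device_unregister(&s);
    if (!copy_first)             /* original order: read after release */
        memcpy(&module, &priv->module, sizeof(module));
    ok = memcmp(&module, &want, sizeof(want)) == 0;
    if (ok)
        module_put(module);      /* only safe when the pointer is intact */
    free(quarantine);
    return ok;
}

int main(void)
{
    printf("original order valid: %d, fixed order valid: %d\n",
           put_target_valid(0), put_target_valid(1));
    return 0;
}
```

In the kernel the released memory may be reused immediately, so the original order does not reliably read a poison pattern; KASAN reports the access itself.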

Impact