CVE-2023-54022

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ALSA: usb-audio: Fix potential memory leaks at error path for UMP open<br /> <br /> The allocation and initialization errors at alloc_midi_urbs() that is<br /> called at MIDI 2.0 / UMP device are supposed to be handled at the<br /> caller side by invoking free_midi_urbs(). However, free_midi_urbs()<br /> loops only for ep-&gt;num_urbs entries, and since ep-&gt;num_entries wasn&amp;#39;t<br /> updated yet at the allocation / init error in alloc_midi_urbs(), this<br /> entry won&amp;#39;t be released.<br /> <br /> The intention of free_midi_urbs() is to release the whole elements, so<br /> change the loop size to NUM_URBS to scan over all elements for fixing<br /> the missed releases.<br /> <br /> Also, the call of free_midi_urbs() is missing at<br /> snd_usb_midi_v2_open(). Although it&amp;#39;ll be released later at<br /> reopen/close or disconnection, it&amp;#39;s better to release immediately at<br /> the error path.