CVE-2022-50740

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs()<br /> <br /> Syzkaller reports a long-known leak of urbs in<br /> ath9k_hif_usb_dealloc_tx_urbs().<br /> <br /> The cause of the leak is that usb_get_urb() is called but usb_free_urb()<br /> (or usb_put_urb()) is not called inside usb_kill_urb() as urb-&gt;dev or<br /> urb-&gt;ep fields have not been initialized and usb_kill_urb() returns<br /> immediately.<br /> <br /> The patch removes trying to kill urbs located in hif_dev-&gt;tx.tx_buf<br /> because hif_dev-&gt;tx.tx_buf is not supposed to contain urbs which are in<br /> pending state (the pending urbs are stored in hif_dev-&gt;tx.tx_pending).<br /> The tx.tx_lock is acquired so there should not be any changes in the list.<br /> <br /> Found by Linux Verification Center (linuxtesting.org) with Syzkaller.