From 86dd8fac2acc366930a5dc08d3fb1b1e816f4e1e Mon Sep 17 00:00:00 2001 From: Li Qiang Date: Sat, 15 May 2021 20:03:57 -0700 Subject: [PATCH] vhost-user-gpu: fix resource leak in 'vg_resource_create_2d' (CVE-2021-3544) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Call 'vugbm_buffer_destroy' in error path to avoid resource leak. Fixes: CVE-2021-3544 Reported-by: Li Qiang Reviewed-by: Prasad J Pandit Signed-off-by: Li Qiang Reviewed-by: Marc-André Lureau Message-Id: <20210516030403.107723-3-liq3ea@163.com> Signed-off-by: Gerd Hoffmann --- contrib/vhost-user-gpu/vhost-user-gpu.c | 1 + 1 file changed, 1 insertion(+) diff --git a/contrib/vhost-user-gpu/vhost-user-gpu.c b/contrib/vhost-user-gpu/vhost-user-gpu.c index f73f292c9f..b5e153d0d6 100644 --- a/contrib/vhost-user-gpu/vhost-user-gpu.c +++ b/contrib/vhost-user-gpu/vhost-user-gpu.c @@ -349,6 +349,7 @@ vg_resource_create_2d(VuGpu *g, g_critical("%s: resource creation failed %d %d %d", __func__, c2d.resource_id, c2d.width, c2d.height); g_free(res); + vugbm_buffer_destroy(&res->buffer); cmd->error = VIRTIO_GPU_RESP_ERR_OUT_OF_MEMORY; return; }