From bippy-851b3ed3d212 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: <linux-cve-announce@vger.kernel.org>
Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
Subject: CVE-2021-46985: ACPI: scan: Fix a memory leak in an error handling path

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

ACPI: scan: Fix a memory leak in an error handling path

If 'acpi_device_set_name()' fails, we must free
'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.

The Linux kernel CVE team has assigned CVE-2021-46985 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 4.9.264 with commit e5cdbe419004 and fixed in 4.9.269 with commit 6901a4f795e0
	Issue introduced in 4.14.228 with commit 717d9d88fbd9 and fixed in 4.14.233 with commit 5ab9857dde7c
	Issue introduced in 4.19.184 with commit 7385e438e1f3 and fixed in 4.19.191 with commit 69cc821e89ce
	Issue introduced in 5.4.109 with commit bc0b1a2036dd and fixed in 5.4.120 with commit dafd4c0b5e83
	Issue introduced in 5.10.27 with commit 4a5891992c68 and fixed in 5.10.38 with commit e2381174daea
	Issue introduced in 5.11.11 with commit 321dbe6c0b55 and fixed in 5.11.22 with commit c5c8f6ffc942
	Issue introduced in 5.12 with commit eb50aaf960e3 and fixed in 5.12.5 with commit a7e17a8d421a
	Issue introduced in 5.12 with commit eb50aaf960e3 and fixed in 5.13 with commit 0c8bd174f0fc

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2021-46985
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/acpi/scan.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712
	https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b
	https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5
	https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72
	https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a
	https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb
	https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4
	https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87