In update_eth_regs_async() neither the URB nor the request structure are being freed if usb_submit_urb() fails. The patch fixes this long lurking bug in the error path.
Signed-off-by: Petko Manolov petko.manolov@konsulko.com --- drivers/net/usb/pegasus.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/drivers/net/usb/pegasus.c b/drivers/net/usb/pegasus.c index 81ca64debc5b..7a70207e7364 100644 --- a/drivers/net/usb/pegasus.c +++ b/drivers/net/usb/pegasus.c @@ -168,6 +168,8 @@ static int update_eth_regs_async(pegasus_t *pegasus) netif_device_detach(pegasus->net); netif_err(pegasus, drv, pegasus->net, "%s returned %d\n", __func__, ret); + kfree(req); + usb_free_urb(async_urb); } return ret; }
Hi,
Thanks for your patch.
FYI: kernel test robot notices the stable kernel rule is not satisfied.
The check is based on https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html#opti...
Rule: add the tag "Cc: stable@vger.kernel.org" in the sign-off area to have the patch automatically included in the stable tree. Subject: [PATCH] net: usb: pegasus: fix memory leak on usb_submit_urb() failure Link: https://lore.kernel.org/stable/20251216184113.197439-1-petko.manolov%40konsu...
linux-stable-mirror@lists.linaro.org
-
kernel test robot -
Petko Manolov