-
由 Gerd Hoffmann 提交于
AUD_add_capture() allocates two buffers which are never released. Add the missing calls to AUD_del_capture(). Impact: Allows vnc clients to exhaust host memory by repeatedly starting and stopping audio capture. Fixes: CVE-2017-8309 Cc: P J P <ppandit@redhat.com> Cc: Huawei PSIRT <PSIRT@huawei.com> Reported-by: N"Jiangxin (hunter, SCC)" <jiangxin1@huawei.com> Signed-off-by: NGerd Hoffmann <kraxel@redhat.com> Reviewed-by: NPrasad J Pandit <pjp@fedoraproject.org> Message-id: 20170428075612.9997-1-kraxel@redhat.com
3268a845