From 275a2746730fddcf228734aabee785ce9906cea9 Mon Sep 17 00:00:00 2001 From: Yonghua Huang Date: Mon, 27 Sep 2021 04:12:41 +0300 Subject: [PATCH] doc: update 'asa.rst' for 2.6 release Update security vulnerability fix in 2.6 release. Signed-off-by: Yonghua Huang Signed-off-by: David B. Kinder --- doc/asa.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/doc/asa.rst b/doc/asa.rst index 63c0bd65f..5cfc7ae4f 100644 --- a/doc/asa.rst +++ b/doc/asa.rst @@ -3,6 +3,21 @@ Security Advisory ################# +Addressed in ACRN v2.6 +************************ + +We recommend that all developers upgrade to this v2.6 release (or later), which +addresses the following security issue discovered in previous releases: + +----- + +- Memory leakage vulnerability in ``devicemodel/hw/pci/xhci.c`` + De-initializing of emulated USB devices results in a memory leakage issue + as some resources allocated for transfer are not properly released. + + **Affected Release:** v2.5 and earlier. + + Addressed in ACRN v2.5 ************************