CVE-2021-47070

Summary

In the Linux kernel, the following vulnerability has been resolved:

uio_hv_generic: Fix another memory leak in error handling paths

Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probe function is never freed in the error handling path.

Add the missing 'vmbus_free_ring()' call.

Note that it is already freed in the .remove function.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxcdfa835c6e5e87d145f9f632b58843de97509f2b < 261bbd90cc53d2835343f056770156cf1e82cf03affected
LinuxLinuxcdfa835c6e5e87d145f9f632b58843de97509f2b < 5f59240cf25b2f7a0fdffc2701482a70310fec07affected
LinuxLinuxcdfa835c6e5e87d145f9f632b58843de97509f2b < 0b0226be3a52dadd965644bc52a807961c2c26dfaffected
LinuxLinux4.20affected
LinuxLinux0 < 4.20unaffected
LinuxLinux5.10.241 <= 5.10.*unaffected
LinuxLinux5.12.7 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References