CVE-2021-47516
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
24/05/2024
Last modified:
10/06/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
nfp: Fix memory leak in nfp_cpp_area_cache_add()<br />
<br />
In line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a<br />
CPP area structure. But in line 807 (#2), when the cache is allocated<br />
failed, this CPP area structure is not freed, which will result in<br />
memory leak.<br />
<br />
We can fix it by freeing the CPP area when the cache is allocated<br />
failed (#2).<br />
<br />
792 int nfp_cpp_area_cache_add(struct nfp_cpp *cpp, size_t size)<br />
793 {<br />
794 struct nfp_cpp_area_cache *cache;<br />
795 struct nfp_cpp_area *area;<br />
<br />
800 area = nfp_cpp_area_alloc(cpp, NFP_CPP_ID(7, NFP_CPP_ACTION_RW, 0),<br />
801 0, size);<br />
// #1: allocates and initializes<br />
<br />
802 if (!area)<br />
803 return -ENOMEM;<br />
<br />
805 cache = kzalloc(sizeof(*cache), GFP_KERNEL);<br />
806 if (!cache)<br />
807 return -ENOMEM; // #2: missing free<br />
<br />
817 return 0;<br />
818 }
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.11 (including) | 4.14.258 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.221 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.165 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.85 (excluding) |
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.8 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/2e0e072e62fdaf7816220af08e05c020f0fcb77a
- https://git.kernel.org/stable/c/3e93abcdcec0436fbf0b6a88ae806902426895a2
- https://git.kernel.org/stable/c/484069b5de9d223cc1c64c6f80389a99cfef51f1
- https://git.kernel.org/stable/c/c56c96303e9289cc34716b1179597b6f470833de
- https://git.kernel.org/stable/c/eb51f639ef3fd5498b7def290ed8681b6aadd9a7
- https://git.kernel.org/stable/c/f707820c09239d6f67699d9b2ff57863cc7905b0