CVE-2021-47519

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 24/05/2024
Last modified: 03/07/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

can: m_can: m_can_read_fifo: fix memory leak in error branch

In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function jumps to the out_fail label and returns without calling m_can_receive_skb(). This means that the skb previously allocated by alloc_can_skb() is not freed. In other terms, this is a memory leak.

This patch adds a goto label to destroy the skb if an error occurs.

Issue was found with GCC -fanalyzer, please follow the link below for details.
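The error-path pattern described above, as an added userspace example that is not the m_can driver's code or the upstream patch. All names (frame_buf, buf_alloc, fifo_read, read_fifo, out_free_buf) are hypothetical stand-ins, the injected read failure is constructed, and placing the first read before the allocation is an assumption of this model.

```c
#include <stdio.h>
#include <stdlib.h>
/* Userspace model: every name is a stand-in, not the m_can driver's code. */
struct frame_buf { unsigned char data[64]; };  /* plays the role of the skb */
static int live_bufs;                /* buffers allocated and not yet freed */
static struct frame_buf *last_buf;   /* lets the caller reclaim a leaked buffer */

static struct frame_buf *buf_alloc(void)
{
    last_buf = calloc(1, sizeof(*last_buf));
    live_bufs += (last_buf != NULL);
    return last_buf;
}
static void buf_free(struct frame_buf *b) { free(b); live_bufs--; }

/* FIFO read stand-in: the call numbered fail_on fails with -EIO (constructed). */
static int fifo_read(int call_no, int fail_on) { return call_no == fail_on ? -5 : 0; }

/* fixed == 0 models the pre-patch error path, fixed == 1 the patched one. */
static int read_fifo(int fail_on, int fixed)
{
    struct frame_buf *b;
    int err = fifo_read(1, fail_on);     /* first read, before the allocation */
    if (err)
        goto out_fail;                   /* nothing allocated yet */
    b = buf_alloc();
    if (!b)
        return -12;                      /* -ENOMEM */
    err = fifo_read(2, fail_on);         /* second read, buffer now allocated */
    if (err && fixed)
        goto out_free_buf;               /* patched: destroy the buffer first */
    if (err)
        goto out_fail;                   /* pre-patch: b is never freed */
    buf_free(b);                         /* success: receive path consumes b */
    return 0;
out_free_buf:
    buf_free(b);
out_fail:
    return err;
}

int main(void)
{
    for (int fixed = 0; fixed <= 1; fixed++) {
        int err = read_fifo(2, fixed);   /* fail the second read */
        printf("fixed=%d err=%d live_bufs=%d\n", fixed, err, live_bufs);
        if (live_bufs)
            buf_free(last_buf);          /* reclaim the leaked buffer */
    }
}
```

Both variants return the same error code, so the leak is visible only in the outstanding-buffer count: one buffer per failed second read on the pre-patch path, none on the patched path.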

Vulnerable products and versions

CPE                                             From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*    5.15 (including)   5.15.8 (excluding)