CVE-2021-47071
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/03/2024
Last modified:
12/12/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
uio_hv_generic: Fix a memory leak in error handling paths<br />
<br />
If &#39;vmbus_establish_gpadl()&#39; fails, the (recv|send)_gpadl will not be<br />
updated and &#39;hv_uio_cleanup()&#39; in the error handling path will not be<br />
able to free the corresponding buffer.<br />
<br />
In such a case, we need to free the buffer explicitly.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.122 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.40 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.12.7 (excluding) |
| cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/3ee098f96b8b6c1a98f7f97915f8873164e6af9d
- https://git.kernel.org/stable/c/53486c467e356e06aa37047c984fccd64d78c827
- https://git.kernel.org/stable/c/cdd91637d4ef33e2be19a8e16e72e7d00c996d76
- https://git.kernel.org/stable/c/d84b5e912212b05f6b5bde9f682046accfbe0354
- https://git.kernel.org/stable/c/3ee098f96b8b6c1a98f7f97915f8873164e6af9d
- https://git.kernel.org/stable/c/53486c467e356e06aa37047c984fccd64d78c827
- https://git.kernel.org/stable/c/cdd91637d4ef33e2be19a8e16e72e7d00c996d76
- https://git.kernel.org/stable/c/d84b5e912212b05f6b5bde9f682046accfbe0354