CVE-2021-47523

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr<br /> <br /> This buffer is currently allocated in hfi1_init():<br /> <br /> if (reinit)<br /> ret = init_after_reset(dd);<br /> else<br /> ret = loadtime_init(dd);<br /> if (ret)<br /> goto done;<br /> <br /> /* allocate dummy tail memory for all receive contexts */<br /> dd-&gt;rcvhdrtail_dummy_kvaddr = dma_alloc_coherent(&amp;dd-&gt;pcidev-&gt;dev,<br /> sizeof(u64),<br /> &amp;dd-&gt;rcvhdrtail_dummy_dma,<br /> GFP_KERNEL);<br /> <br /> if (!dd-&gt;rcvhdrtail_dummy_kvaddr) {<br /> dd_dev_err(dd, "cannot allocate dummy tail memory\n");<br /> ret = -ENOMEM;<br /> goto done;<br /> }<br /> <br /> The reinit triggered path will overwrite the old allocation and leak it.<br /> <br /> Fix by moving the allocation to hfi1_alloc_devdata() and the deallocation<br /> to hfi1_free_devdata().