ghsa-f8g6-27f9-3r98
Vulnerability from github
Published
2024-03-02 00:31
Modified
2024-03-02 00:31
Details
In the Linux kernel, the following vulnerability has been resolved:
uio_hv_generic: Fix a memory leak in error handling paths
If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be updated and 'hv_uio_cleanup()' in the error handling path will not be able to free the corresponding buffer.
In such a case, we need to free the buffer explicitly.
{ "affected": [], "aliases": [ "CVE-2021-47071" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-03-01T22:15:46Z", "severity": null }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Fix a memory leak in error handling paths\n\nIf \u0027vmbus_establish_gpadl()\u0027 fails, the (recv|send)_gpadl will not be\nupdated and \u0027hv_uio_cleanup()\u0027 in the error handling path will not be\nable to free the corresponding buffer.\n\nIn such a case, we need to free the buffer explicitly.", "id": "GHSA-f8g6-27f9-3r98", "modified": "2024-03-02T00:31:30Z", "published": "2024-03-02T00:31:30Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47071" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/3ee098f96b8b6c1a98f7f97915f8873164e6af9d" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/53486c467e356e06aa37047c984fccd64d78c827" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/cdd91637d4ef33e2be19a8e16e72e7d00c996d76" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/d84b5e912212b05f6b5bde9f682046accfbe0354" } ], "schema_version": "1.4.0", "severity": [] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.