Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix a memory leak in error handling paths If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be updated and 'hv_uio_cleanup()' in the error handling path will not be able to free the corresponding buffer. In such a case, we need to free the buffer explicitly.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.20, < 5.4.122 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/3ee098f96b8b6c1a98f7f97915f8873164e6af9dPatch
- https://git.kernel.org/stable/c/53486c467e356e06aa37047c984fccd64d78c827Patch
- https://git.kernel.org/stable/c/cdd91637d4ef33e2be19a8e16e72e7d00c996d76Patch
- https://git.kernel.org/stable/c/d84b5e912212b05f6b5bde9f682046accfbe0354Patch
- https://git.kernel.org/stable/c/3ee098f96b8b6c1a98f7f97915f8873164e6af9dPatch
- https://git.kernel.org/stable/c/53486c467e356e06aa37047c984fccd64d78c827Patch
- https://git.kernel.org/stable/c/cdd91637d4ef33e2be19a8e16e72e7d00c996d76Patch
- https://git.kernel.org/stable/c/d84b5e912212b05f6b5bde9f682046accfbe0354Patch
FAQ
What is CVE-2021-47071?
CVE-2021-47071 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix a memory leak in error handling paths If 'vmbus_establish_gpadl()' fails, the (recv|send)_gpadl will not be up...
How severe is CVE-2021-47071?
CVE-2021-47071 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47071?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.