CVE-2021-47070

Published: Mar 1, 2024Modified: Nov 3, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probe function is never freed in the error handling path. Add the missing 'vmbus_free_ring()' call. Note that it is already freed in the .remove function.

Affected (3)

Products: Linux: Linux Kernel

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.20 to 5.12.7
Linux Linux Kernel	Version 5.13 rc1
Linux Linux Kernel	Version 5.13 rc2

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (6)

https://git.kernel.org/stable/c/0b0226be3a52dadd965644bc52a807961c2c26df

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/261bbd90cc53d2835343f056770156cf1e82cf03

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/stable/c/5f59240cf25b2f7a0fdffc2701482a70310fec07

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/0b0226be3a52dadd965644bc52a807961c2c26df

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/5f59240cf25b2f7a0fdffc2701482a70310fec07

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2025/10/msg00007.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.