CVE-2021-47075

Published: Mar 1, 2024Modified: Mar 19, 2025

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In the Linux kernel, the following vulnerability has been resolved: nvmet: fix memory leak in nvmet_alloc_ctrl() When creating ctrl in nvmet_alloc_ctrl(), if the cntlid_min is larger than cntlid_max of the subsystem, and jumps to the "out_free_changed_ns_list" label, but the ctrl->sqs lack of be freed. Fix this by jumping to the "out_free_sqs" label.

Affected (4)

Products: Linux: Linux Kernel

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.11 to 5.12.7
Linux Linux Kernel	From 5.7 to 5.10.40
Linux Linux Kernel	Version 5.13 rc1
Linux Linux Kernel	Version 5.13 rc2

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (6)

https://git.kernel.org/stable/c/4720f29acb3fe67aa8aa71e6b675b079d193aaeb

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/afb680ed7ecbb7fd66ddb43650e9b533fd8b4b9a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/fec356a61aa3d3a66416b4321f1279e09e0f256f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/4720f29acb3fe67aa8aa71e6b675b079d193aaeb

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/afb680ed7ecbb7fd66ddb43650e9b533fd8b4b9a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/fec356a61aa3d3a66416b4321f1279e09e0f256f

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.