CVE-2021-47158

Published: Mar 25, 2024Modified: Dec 12, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105_setup() If any of sja1105_static_config_load(), sja1105_clocking_setup() or sja1105_devlink_setup() fails, we can't just return in the middle of sja1105_setup() or memory will leak. Add a cleanup path.

Affected (5)

Products: Linux: Linux Kernel

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.11 to 5.12.9
Linux Linux Kernel	From 5.2 to 5.10.42
Linux Linux Kernel	Version 5.13 rc1
Linux Linux Kernel	Version 5.13 rc2
Linux Linux Kernel	Version 5.13 rc3

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (6)

https://git.kernel.org/stable/c/987e4ab8b8a4fcbf783069e03e7524cd39ffd563

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/cec279a898a3b004411682f212215ccaea1cd0fb

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/dd8609f203448ca6d58ae71461208b3f6b0329b0

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/987e4ab8b8a4fcbf783069e03e7524cd39ffd563

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/cec279a898a3b004411682f212215ccaea1cd0fb

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/dd8609f203448ca6d58ae71461208b3f6b0329b0

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.