CVE-2021-47305

2024-05-2100:00:00

ubuntu.com

linux kernel

dma-buf/sync_file

merge failure

fence leakage

vulnerability

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.3%

JSON

In the Linux kernel, the following vulnerability has been resolved:
dma-buf/sync_file: Don’t leak fences on merge failure Each add_fence() call
does a dma_fence_get() on the relevant fence. In the error path, we weren’t
calling dma_fence_put() so all those fences got leaked. Also, in the
krealloc_array failure case, we weren’t freeing the fences array. Instead,
ensure that i and fences are always zero-initialized and dma_fence_put()
all the fences and kfree(fences) on every error path.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< anyUNKNOWN
ubuntu20.04noarchlinux< anyUNKNOWN
ubuntu18.04noarchlinux-aws< anyUNKNOWN
ubuntu20.04noarchlinux-aws< anyUNKNOWN
ubuntu18.04noarchlinux-aws-5.4< anyUNKNOWN
ubuntu16.04noarchlinux-aws-hwe< anyUNKNOWN
ubuntu20.04noarchlinux-azure< anyUNKNOWN
ubuntu14.04noarchlinux-azure< anyUNKNOWN
ubuntu16.04noarchlinux-azure< anyUNKNOWN
ubuntu18.04noarchlinux-azure-4.15< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< any	UNKNOWN
ubuntu	20.04	noarch	linux	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	20.04	noarch	linux-aws	< any	UNKNOWN
ubuntu	18.04	noarch	linux-aws-5.4	< any	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< any	UNKNOWN
ubuntu	20.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	14.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	16.04	noarch	linux-azure	< any	UNKNOWN
ubuntu	18.04	noarch	linux-azure-4.15	< any	UNKNOWN