In the Linux kernel, the following vulnerability has been resolved: scsi:
core: Fix error handling of scsi_host_alloc() After device is initialized
via device_initialize(), or its name is set via dev_set_name(), the device
has to be freed via put_device(). Otherwise device name will be leaked
because it is allocated dynamically in dev_set_name(). Fix the leak by
replacing kfree() with put_device(). Since scsi_host_dev_release() properly
handles IDA and kthread removal, remove special-casing these from the error
handling as well.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure-4.15 | < any | UNKNOWN |
git.kernel.org/linus/66a834d092930cf41d809c0e989b13cd6f9ca006 (5.13-rc6)
git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a
git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7
git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006
git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8
git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11
git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a
git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66
launchpad.net/bugs/cve/CVE-2021-47258
nvd.nist.gov/vuln/detail/CVE-2021-47258
security-tracker.debian.org/tracker/CVE-2021-47258
www.cve.org/CVERecord?id=CVE-2021-47258