In the Linux kernel, the following vulnerability has been resolved:
irqchip/gic-v3-its: Fix potential VPE leak on error In
its_vpe_irq_domain_alloc, when its_vpe_init() returns an error, there is an
off-by-one in the number of VPEs to be freed. Fix it by simply passing the
number of VPEs allocated, which is the index of the loop iterating over the
VPEs. [maz: fixed commit message]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure-4.15 | < any | UNKNOWN |
git.kernel.org/linus/280bef512933b2dda01d681d8cbe499b98fc5bdd (5.15-rc3)
git.kernel.org/stable/c/280bef512933b2dda01d681d8cbe499b98fc5bdd
git.kernel.org/stable/c/42d3711c23781045e7a5cd28536c774b9a66d20b
git.kernel.org/stable/c/568662e37f927e3dc3e475f3ff7cf4ab7719c5e7
git.kernel.org/stable/c/5701e8bff314c155e7afdc467b1e0389d86853d0
git.kernel.org/stable/c/7d39992d45acd6f2d6b2f62389c55b61fb3d486b
git.kernel.org/stable/c/e0c1c2e5da19685a20557a50f10c6aa4fa26aa84
launchpad.net/bugs/cve/CVE-2021-47373
nvd.nist.gov/vuln/detail/CVE-2021-47373
security-tracker.debian.org/tracker/CVE-2021-47373
www.cve.org/CVERecord?id=CVE-2021-47373