Description

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compat_insnlist() `compat_insnlist()` handles the 32-bit version of the `COMEDI_INSNLIST` ioctl (whenwhen `CONFIG_COMPAT` is enabled). It allocates memory to temporarily hold an array of `struct comedi_insn` converted from the 32-bit version in user space. This memory is only being freed if there is a fault while filling the array, otherwise it is leaked. Add a call to `kfree()` to fix the leak.

INFO

Published Date :

2024-05-21T15:03:31.852Z

Last Modified :

2025-05-04T07:09:25.272Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2021-47364 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-47364.

URL Resource
https://git.kernel.org/stable/c/8d6a21e4cd6a319b0662cbe4ad6199e276ac776a cve-icon cve-icon
https://git.kernel.org/stable/c/bb509a6ffed2c8b0950f637ab5779aa818ed1596 cve-icon cve-icon
https://git.kernel.org/stable/c/f217b6c1e28ed0b353634ce4d92a155b80bd1671 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024052138-CVE-2021-47364-a7c7@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2021-47364 cve-icon
https://www.cve.org/CVERecord?id=CVE-2021-47364 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact