CVE-2021-47519

Source
https://cve.org/CVERecord?id=CVE-2021-47519
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47519.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-47519
Published
2024-05-24T15:15:13.783Z
Modified
2026-03-14T11:19:14.284341Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

can: m_can: m_can_read_fifo: fix memory leak in error branch

In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function jumps to the out_fail label and returns without calling m_can_receive_skb(). This means that the skb previously allocated by alloc_can_skb() is not freed. In other terms, this is a memory leak.

This patch adds a goto label to destroy the skb if an error occurs.

Issue was found with GCC -fanalyzer, please follow the link below for details.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges
[
    {
        "events": [
            {
                "introduced": "5.15"
            },
            {
                "fixed": "5.15.8"
            }
        ]
    }
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47519.json"