CVE-2021-47057

crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map

Description

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ss - Fix memory leak of object d when dma_iv fails to map In the case where the dma_iv mapping fails, the return error path leaks the memory allocated to object d. Fix this by adding a new error return label and jumping to this to ensure d is free'd before the return. Addresses-Coverity: ("Resource leak")

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/617ec35ed51f731a593ae7274228ef2cfc9cb781 patch
https://git.kernel.org/stable/c/e1f2d739849c3239df1ea3f97d40bade4b808410 patch
https://git.kernel.org/stable/c/6516cb852d704ff8d615de1f93cd443a99736c3d patch
https://git.kernel.org/stable/c/98b5ef3e97b16eaeeedb936f8bda3594ff84a70e patch

Frequently Asked Questions

What is the severity of CVE-2021-47057?
CVE-2021-47057 has been scored as a medium severity vulnerability.
How to fix CVE-2021-47057?
To fix CVE-2021-47057, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47057 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-47057 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47057?
CVE-2021-47057 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.