CVE-2021-47330

tty: serial: 8250: serial_cs: Fix a memory leak in error handling path

Description

In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serial_cs: Fix a memory leak in error handling path In the probe function, if the final 'serial_config()' fails, 'info' is leaking. Add a resource handling path to free this memory.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.04%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/b5a2799cd62ed30c81b22c23028d9ee374e2138c patch
https://git.kernel.org/stable/c/331f5923fce4f45b8170ccf06c529e8eb28f37bc patch
https://git.kernel.org/stable/c/34f4590f5ec9859ea9136249f528173d150bd584 patch
https://git.kernel.org/stable/c/cddee5c287e26f6b2ba5c0ffdfc3a846f2f10461 patch
https://git.kernel.org/stable/c/ee16bed959862a6de2913f71a04cb563d7237b67 patch
https://git.kernel.org/stable/c/7a80f71601af015856a0aeb1e3c294037ac3dd32 patch
https://git.kernel.org/stable/c/c39cf4df19acf0133fa284a8cd83fad42cd13cc2 patch
https://git.kernel.org/stable/c/b2ef1f5de40342de44fc5355321595f91774dab5 patch
https://git.kernel.org/stable/c/fad92b11047a748c996ebd6cfb164a63814eeb2e patch

Frequently Asked Questions

What is the severity of CVE-2021-47330?
CVE-2021-47330 has been scored as a medium severity vulnerability.
How to fix CVE-2021-47330?
To fix CVE-2021-47330, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47330 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-47330 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47330?
CVE-2021-47330 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.