{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-47364","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-21T14:58:30.809Z","datePublished":"2024-05-21T15:03:31.852Z","dateUpdated":"2025-05-04T07:09:25.272Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T07:09:25.272Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: Fix memory leak in compat_insnlist()\n\n`compat_insnlist()` handles the 32-bit version of the `COMEDI_INSNLIST`\nioctl (whenwhen `CONFIG_COMPAT` is enabled).  It allocates memory to\ntemporarily hold an array of `struct comedi_insn` converted from the\n32-bit version in user space.  This memory is only being freed if there\nis a fault while filling the array, otherwise it is leaked.\n\nAdd a call to `kfree()` to fix the leak."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/comedi/comedi_fops.c"],"versions":[{"version":"b8d47d8813055ce38c0d2ad913d5462017e52692","lessThan":"8d6a21e4cd6a319b0662cbe4ad6199e276ac776a","status":"affected","versionType":"git"},{"version":"b8d47d8813055ce38c0d2ad913d5462017e52692","lessThan":"f217b6c1e28ed0b353634ce4d92a155b80bd1671","status":"affected","versionType":"git"},{"version":"b8d47d8813055ce38c0d2ad913d5462017e52692","lessThan":"bb509a6ffed2c8b0950f637ab5779aa818ed1596","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/comedi/comedi_fops.c"],"versions":[{"version":"5.8","status":"affected"},{"version":"0","lessThan":"5.8","status":"unaffected","versionType":"semver"},{"version":"5.10.70","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.14.9","lessThanOrEqual":"5.14.*","status":"unaffected","versionType":"semver"},{"version":"5.15","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"5.10.70"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"5.14.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"5.15"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8d6a21e4cd6a319b0662cbe4ad6199e276ac776a"},{"url":"https://git.kernel.org/stable/c/f217b6c1e28ed0b353634ce4d92a155b80bd1671"},{"url":"https://git.kernel.org/stable/c/bb509a6ffed2c8b0950f637ab5779aa818ed1596"}],"title":"comedi: Fix memory leak in compat_insnlist()","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2021-47364","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-05-23T18:02:02.368572Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:14:38.164Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:32:08.649Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/8d6a21e4cd6a319b0662cbe4ad6199e276ac776a","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f217b6c1e28ed0b353634ce4d92a155b80bd1671","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/bb509a6ffed2c8b0950f637ab5779aa818ed1596","tags":["x_transferred"]}]}]}}