CVE-2021-47422 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5
https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912
https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d
https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47422-3f95@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47422
https://www.cve.org/CVERecord?id=CVE-2021-47422

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-401
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.15:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc3:::::: cpe:2.3:o:linux:linux_kernel:5.15:rc4::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47422", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T14:58:30.820Z", "datePublished": "2024-05-21T15:04:09.947Z", "dateUpdated": "2024-12-19T07:41:40.948Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:41:40.948Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/kms/nv50-: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the 'op' allocated in single_open() will be leaked."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/nouveau/dispnv50/crc.c"], "versions": [{"version": "12885ecbfe62df4358d452080d3b8feef54ec8cb", "lessThan": "65fff0a8efcdca8d84ffe3e23057c3b32403482d", "status": "affected", "versionType": "git"}, {"version": "12885ecbfe62df4358d452080d3b8feef54ec8cb", "lessThan": "0b4e9fc14973a94ac0520f19b3633493ae13c912", "status": "affected", "versionType": "git"}, {"version": "12885ecbfe62df4358d452080d3b8feef54ec8cb", "lessThan": "0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/nouveau/dispnv50/crc.c"], "versions": [{"version": "5.9", "status": "affected"}, {"version": "0", "lessThan": "5.9", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.73", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.14.12", "lessThanOrEqual": "5.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d"}, {"url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912"}, {"url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5"}], "title": "drm/nouveau/kms/nv50-: fix file release memory leak", "x_generator": {"engine": "bippy-5f407fcff5a0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47422", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-21T18:20:21.213988Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:13:50.386Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.509Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2021-47422 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-05-21T14:58:30.820Z (string)

datePublished : 2024-05-21T15:04:09.947Z (string)

dateUpdated : 2024-12-19T07:41:40.948Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T07:41:40.948Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/gpu/drm/nouveau/dispnv50/crc.c (string)

]

versions : [ »

0 : { »

version : 12885ecbfe62df4358d452080d3b8feef54ec8cb (string)

lessThan : 65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 12885ecbfe62df4358d452080d3b8feef54ec8cb (string)

lessThan : 0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 12885ecbfe62df4358d452080d3b8feef54ec8cb (string)

lessThan : 0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/gpu/drm/nouveau/dispnv50/crc.c (string)

]

versions : [ »

0 : { »

version : 5.9 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 5.9 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 5.10.73 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 5.14.12 (string)

lessThanOrEqual : 5.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.15 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

}

1 : { »

url : https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

}

]

title : drm/nouveau/kms/nv50-: fix file release memory leak (string)

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47422 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-21T18:20:21.213988Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-04T17:13:50.386Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:39:59.509Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.509Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47422", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-21T18:20:21.213988Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:25.406Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "drm/nouveau/kms/nv50-: fix file release memory leak", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "12885ecbfe62df4358d452080d3b8feef54ec8cb", "lessThan": "65fff0a8efcdca8d84ffe3e23057c3b32403482d", "versionType": "git"}, {"status": "affected", "version": "12885ecbfe62df4358d452080d3b8feef54ec8cb", "lessThan": "0b4e9fc14973a94ac0520f19b3633493ae13c912", "versionType": "git"}, {"status": "affected", "version": "12885ecbfe62df4358d452080d3b8feef54ec8cb", "lessThan": "0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5", "versionType": "git"}], "programFiles": ["drivers/gpu/drm/nouveau/dispnv50/crc.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.9"}, {"status": "unaffected", "version": "0", "lessThan": "5.9", "versionType": "semver"}, {"status": "unaffected", "version": "5.10.73", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.14.12", "versionType": "semver", "lessThanOrEqual": "5.14.*"}, {"status": "unaffected", "version": "5.15", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/gpu/drm/nouveau/dispnv50/crc.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d"}, {"url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912"}, {"url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/kms/nv50-: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the 'op' allocated in single_open() will be leaked."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T07:41:40.948Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47422", "state": "PUBLISHED", "dateUpdated": "2024-12-19T07:41:40.948Z", "dateReserved": "2024-05-21T14:58:30.820Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T15:04:09.947Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:39:59.509Z (string)

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47422 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-21T18:20:21.213988Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-05-23T19:01:25.406Z (string)

}

title : CISA ADP Vulnrichment (string)

}

]

cna : { »

title : drm/nouveau/kms/nv50-: fix file release memory leak (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 12885ecbfe62df4358d452080d3b8feef54ec8cb (string)

lessThan : 65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 12885ecbfe62df4358d452080d3b8feef54ec8cb (string)

lessThan : 0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 12885ecbfe62df4358d452080d3b8feef54ec8cb (string)

lessThan : 0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/gpu/drm/nouveau/dispnv50/crc.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 5.9 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 5.9 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 5.10.73 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

3 : { »

status : unaffected (string)

version : 5.14.12 (string)

versionType : semver (string)

lessThanOrEqual : 5.14.* (string)

}

4 : { »

status : unaffected (string)

version : 5.15 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : drivers/gpu/drm/nouveau/dispnv50/crc.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

}

1 : { »

url : https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

}

]

x_generator : { »

engine : bippy-5f407fcff5a0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. (string)

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-12-19T07:41:40.948Z (string)

}

cveMetadata : { »

cveId : CVE-2021-47422 (string)

state : PUBLISHED (string)

dateUpdated : 2024-12-19T07:41:40.948Z (string)

dateReserved : 2024-05-21T14:58:30.820Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-21T15:04:09.947Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F707D5A6-DFB6-4386-8C03-93DD0F1A6D73", "versionEndExcluding": "5.10.73", "versionStartIncluding": "5.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "20EB962C-32DC-448F-A900-BCF9A726F9EB", "versionEndExcluding": "5.14.12", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau/kms/nv50-: fix file release memory leak\n\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the 'op' allocated in single_open() will be leaked."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/nouveau/kms/nv50-: corrige la p\u00e9rdida de memoria de liberaci\u00f3n de archivos. Cuando se usa single_open() para abrir, se debe llamar a single_release(); de lo contrario, se debe llamar a la 'op' asignada en single_open( ) se filtrar\u00e1."}], "id": "CVE-2021-47422", "lastModified": "2024-12-30T19:36:28.193", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-21T15:15:27.633", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F707D5A6-DFB6-4386-8C03-93DD0F1A6D73 (string)

versionEndExcluding : 5.10.73 (string)

versionStartIncluding : 5.9 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 20EB962C-32DC-448F-A900-BCF9A726F9EB (string)

versionEndExcluding : 5.14.12 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:* (string)

matchCriteriaId : E46C74C6-B76B-4C94-A6A4-FD2FFF62D644 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:* (string)

matchCriteriaId : 60134C3A-06E4-48C1-B04F-2903732A4E56 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:* (string)

matchCriteriaId : 0460DA88-8FE1-46A2-9DDA-1F1ABA552E71 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:* (string)

matchCriteriaId : AF55383D-4DF2-45DC-93F7-571F4F978EAB (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/nouveau/kms/nv50-: corrige la pérdida de memoria de liberación de archivos. Cuando se usa single_open() para abrir, se debe llamar a single_release(); de lo contrario, se debe llamar a la 'op' asignada en single_open( ) se filtrará. (string)

}

]

id : CVE-2021-47422 (string)

lastModified : 2024-12-30T19:36:28.193 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-05-21T15:15:27.633 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0b3d4945cc7e7ea1acd52cb06dfa83bfe265b6d5 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0b4e9fc14973a94ac0520f19b3633493ae13c912 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/65fff0a8efcdca8d84ffe3e23057c3b32403482d (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-401 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: drm/nouveau/kms/nv50-: fix file release memory leak", "id": "2282311", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282311"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/nouveau/kms/nv50-: fix file release memory leak\nWhen using single_open() for opening, single_release() should be\ncalled, otherwise the 'op' allocated in single_open() will be leaked."], "name": "CVE-2021-47422", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47422\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47422\nhttps://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47422-3f95@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: drm/nouveau/kms/nv50-: fix file release memory leak (string)

id : 2282311 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2282311 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 4.4 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N (string)

status : draft (string)

}

cwe : CWE-402 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should be called, otherwise the 'op' allocated in single_open() will be leaked. (string)

]

name : CVE-2021-47422 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-21T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-47422 https://nvd.nist.gov/vuln/detail/CVE-2021-47422 https://lore.kernel.org/linux-cve-announce/2024052155-CVE-2021-47422-3f95@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object