CVE-2021-47020 - pub/scm/linux/kernel/git/sashal/vulns-desc - Git at Google

 The vulnerability CVE-2021-47020 affects the Linux kernel's SoundWire stream implementation. Specifically, when a stream configuration fails, the master runtime releases all slave runtimes in the `slave_rt_list`, but the slave runtime is not added to this list at that time. This leads to a memory leak because the slave runtime is not freed.

 The patch fixes this issue by freeing the slave runtime in the error path of the stream configuration. The vulnerability was introduced in kernel version 4.18 with commit `89e590535f32` and has been fixed in various later versions, including 4.19.191, 5.4.119, 5.10.37, 5.11.21, 5.12.4, and 5.13.

 The affected file is `drivers/soundwire/stream.c`. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue, rather than cherry-picking individual commits. However, if updating is not possible, the individual changes can be found in the specified commit hashes.
	The vulnerability CVE-2021-47020 affects the Linux kernel's SoundWire stream implementation. Specifically, when a stream configuration fails, the master runtime releases all slave runtimes in the `slave_rt_list`, but the slave runtime is not added to this list at that time. This leads to a memory leak because the slave runtime is not freed.

	The patch fixes this issue by freeing the slave runtime in the error path of the stream configuration. The vulnerability was introduced in kernel version 4.18 with commit `89e590535f32` and has been fixed in various later versions, including 4.19.191, 5.4.119, 5.10.37, 5.11.21, 5.12.4, and 5.13.

	The affected file is `drivers/soundwire/stream.c`. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue, rather than cherry-picking individual commits. However, if updating is not possible, the individual changes can be found in the specified commit hashes.