CVE-2021-47022 - pub/scm/linux/kernel/git/sashal/vulns-desc - Git at Google

 The vulnerability resides in the `mt7615_unregister_device()` function, specifically in the order of operations when freeing resources. The issue is a memory leak that occurs because `mt7615_tx_token_put()` is not called before `mt76_free_pending_txwi()`. This incorrect ordering leads to a memory leak.

 The vulnerability was introduced in Linux kernel versions 5.10.21, 5.11.4, and 5.12, and was fixed in versions 5.10.37, 5.11.21, and 5.12.4, respectively. The affected file is `drivers/net/wireless/mediatek/mt76/mt7615/pci_init.c`.

 The mitigation recommended by the Linux kernel CVE team is to update to the latest stable kernel version, which includes this fix and many other bugfixes. Cherry-picking individual commits is not recommended or supported by the Linux kernel community. If updating to the latest release is impossible, the individual changes to resolve this issue can be found in the specified commits.
	The vulnerability resides in the `mt7615_unregister_device()` function, specifically in the order of operations when freeing resources. The issue is a memory leak that occurs because `mt7615_tx_token_put()` is not called before `mt76_free_pending_txwi()`. This incorrect ordering leads to a memory leak.

	The vulnerability was introduced in Linux kernel versions 5.10.21, 5.11.4, and 5.12, and was fixed in versions 5.10.37, 5.11.21, and 5.12.4, respectively. The affected file is `drivers/net/wireless/mediatek/mt76/mt7615/pci_init.c`.

	The mitigation recommended by the Linux kernel CVE team is to update to the latest stable kernel version, which includes this fix and many other bugfixes. Cherry-picking individual commits is not recommended or supported by the Linux kernel community. If updating to the latest release is impossible, the individual changes to resolve this issue can be found in the specified commits.