CVE-2021-47052 affects the Linux kernel's `sa2ul` crypto driver. Two error return paths in the driver fail to free the `rxd` resource, which leaks memory. The issue was introduced in kernel version 5.10 with commit 00c9211f60db and has since been fixed in various kernel versions, including 5.10.37, 5.11.21, 5.12.4, and 5.13.

The affected file is `drivers/crypto/sa2ul.c`. The vulnerability was assigned a severity rating of "Resource leak" by the Linux kernel CVE team. To mitigate the issue, users are recommended to update to the latest stable kernel version, as individual changes are not tested or supported alone. If updating to the latest release is impossible, the individual commits that resolve the issue can be cherry-picked from the Linux kernel Git repository.

The leak occurs because the `sa2ul` driver does not release the `rxd` resource on its error return paths. Each time one of those paths is taken, the allocation is lost, so memory consumption can grow gradually over time and may eventually cause system instability or crashes. The fix makes these error return paths release `rxd` before returning, so failures no longer leak memory.

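The leak pattern described above and the shape of its fix, shown as an added userspace C model that is not code from `drivers/crypto/sa2ul.c`. The function names, the two failing setup steps and the allocation counter are hypothetical stand-ins; only the name `rxd` comes from the description.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
/* Userspace model; every name except rxd is hypothetical, not from sa2ul.c. */
struct rx_data { int len; };
static long live_allocs; /* rx_data allocations not yet freed */
static void *track_alloc(size_t n) { void *p = calloc(1, n); live_allocs += (p != NULL); return p; }
static void track_free(void *p) { live_allocs--; free(p); }

/* Stand-ins for two setup steps that can fail once rxd exists. */
static int map_buffers(int fail)   { return fail == 1 ? -EINVAL : 0; }
static int prep_transfer(int fail) { return fail == 2 ? -EINVAL : 0; }

/* Leaky shape: both error paths return directly and drop rxd. */
static int run_leaky(int fail)
{
    struct rx_data *rxd = track_alloc(sizeof(*rxd));
    if (!rxd) return -ENOMEM;
    if (map_buffers(fail)) return -EINVAL;   /* rxd never freed */
    if (prep_transfer(fail)) return -EINVAL; /* rxd never freed */
    track_free(rxd); /* model simplification: success frees here */
    return 0;
}

/* Fixed shape: every failure after allocation exits through one label. */
static int run_fixed(int fail)
{
    struct rx_data *rxd = track_alloc(sizeof(*rxd));
    if (!rxd) return -ENOMEM;
    int ret = map_buffers(fail);
    if (ret) goto err_cleanup;
    ret = prep_transfer(fail);
err_cleanup:
    track_free(rxd); /* released on success and on both error paths */
    return ret;
}

/* Run success plus both failures; return allocations still outstanding. */
static long leaked_after(int (*run)(int))
{
    live_allocs = 0;
    for (int fail = 0; fail <= 2; fail++) run(fail);
    return live_allocs;
}
int main(void)
{
    printf("leaky=%ld fixed=%ld\n", leaked_after(run_leaky), leaked_after(run_fixed));
    return 0;
}
```

In the model, each failing call to the leaky variant strands one allocation, which is how repeated failures turn into steady memory growth on a long-running system.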