The vulnerability resides in the `mt76_dma_tx_queue_skb_raw` function, where a local variable `buf` is used without being initialized. Specifically, the `skip_unmap` field of `buf` may inherit a non-zero value from stack garbage, leading to a potential DMA mapping leak.
When this occurs, the DMA mappings for MCU command frames are not unmapped after completion, which can cause issues with the system's memory management. The Linux kernel CVE team has assigned CVE-2021-47064 to this issue.
The affected file is `drivers/net/wireless/mediatek/mt76/dma.c`. The vulnerability was introduced in kernel version 5.10 with commit 27d5c528a7ca and fixed in versions 5.10.37, 5.11.21, 5.12.4, and 5.13 with commits 9fa26701cd1f, 9b68ce2856da, 91b9548d413f, and b4403cee6400, respectively. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue.
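The leak mechanism described above can be reproduced in a small user-space model. This is an added example, not code from the kernel or the mt76 driver: `model_buf`, `model_map`, `model_complete`, `queue_raw_flawed`, `queue_raw_fixed` and `leaked_after` are hypothetical names, and the stale stack contents are simulated with a constructed fill byte.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the driver's buffer descriptor (not kernel code).
 * skip_unmap is uint8_t so that reading any garbage byte is well defined. */
struct model_buf { uint64_t addr; uint16_t len; uint8_t skip_unmap; };
static int live_mappings;            /* models outstanding DMA mappings */
static uint64_t model_map(void) { live_mappings++; return 0x1000; }
/* Completion path: the mapping is released only when skip_unmap is zero. */
static void model_complete(const struct model_buf *b)
{
    if (!b->skip_unmap)
        live_mappings--;
}

/* Flawed pattern: addr and len are set, skip_unmap keeps the slot's old bytes. */
static void queue_raw_flawed(struct model_buf *slot, uint16_t len)
{
    slot->addr = model_map();
    slot->len = len;
}

/* One way to correct it: start every field from zero before filling it in. */
static void queue_raw_fixed(struct model_buf *slot, uint16_t len)
{
    struct model_buf buf = {0};
    buf.addr = model_map();
    buf.len = len;
    *slot = buf;
}

/* Queue and complete `frames` frames; `garbage` is the constructed stale byte. */
int leaked_after(int fixed, unsigned char garbage, int frames)
{
    live_mappings = 0;
    for (int i = 0; i < frames; i++) {
        struct model_buf slot;
        memset(&slot, garbage, sizeof(slot));   /* simulate leftover stack data */
        if (fixed) queue_raw_fixed(&slot, 64); else queue_raw_flawed(&slot, 64);
        model_complete(&slot);
    }
    return live_mappings;                        /* mappings never released */
}
int main(void)
{
    printf("flawed: %d leaked, fixed: %d leaked\n",
           leaked_after(0, 0xAA, 8), leaked_after(1, 0xAA, 8));
    return 0;
}
```

With a zero fill byte the flawed path leaks nothing, which is why a bug of this kind can stay hidden until the stack contents change.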