The vulnerability, assigned CVE-2021-47296, is a memory leak in the KVM (Kernel-based Virtual Machine) subsystem on PowerPC architectures. Specifically, it affects the `kvm_arch_vcpu_ioctl` function, which is responsible for handling ioctl commands from user space to the KVM virtual CPU.
The issue arises when the user copy of the `vcpu_load` data fails. In this scenario, the `vcpu_put` function is not called, leading to a memory leak and potential corruption of the preempt notifier. This can cause crashes, among other problems. The vulnerability was introduced in Linux kernel version 4.18 with commit b3cebfe8c1ca.
The affected file is `arch/powerpc/kvm/powerpc.c`. The issue has been fixed in various kernel versions, including 4.19.199, 5.4.136, 5.10.54, and 5.13.6, with corresponding commits 9bafc34dc4ad, f38527f18905, e14ef1095387, and a4a488915fea. The Linux kernel CVE team recommends updating to the latest stable kernel version to resolve this issue.
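The unbalanced load/put pattern described above, reduced to a userspace C model (an added example, not the kernel's code or the upstream patch). All `model_*` names, the `load_depth` counter and the two handler functions are assumptions made for illustration; the balanced variant shows one ordering that keeps every exit path paired, not necessarily the change made in the listed fix commits.

```c
#include <errno.h>
#include <string.h>

/* Userspace model with constructed names; not the kernel's definitions. */
struct model_vcpu { int load_depth; };  /* >0: loaded without a matching put */
struct model_cap  { unsigned int cap; };
static void model_vcpu_load(struct model_vcpu *v) { v->load_depth++; }
static void model_vcpu_put(struct model_vcpu *v)  { v->load_depth--; }

/* Stand-in for copy_from_user(): nonzero return means the copy failed. */
static int model_copy_from_user(void *dst, const void *src, size_t n)
{
    if (src == NULL) return 1;
    memcpy(dst, src, n);
    return 0;
}

/* Pattern described above: the failed-copy exit skips the put. */
static int ioctl_unbalanced(struct model_vcpu *v, const void *argp)
{
    struct model_cap cap;
    model_vcpu_load(v);
    if (model_copy_from_user(&cap, argp, sizeof(cap)))
        return -EFAULT;              /* vCPU is left loaded */
    model_vcpu_put(v);
    return 0;
}

/* Balanced ordering: the fallible copy happens before the load. */
static int ioctl_balanced(struct model_vcpu *v, const void *argp)
{
    struct model_cap cap;
    if (model_copy_from_user(&cap, argp, sizeof(cap)))
        return -EFAULT;
    model_vcpu_load(v);              /* work on cap would happen here */
    model_vcpu_put(v);
    return 0;
}

/* Load depth left behind by one call; 0 means load and put were paired. */
static int depth_after(int (*fn)(struct model_vcpu *, const void *), const void *argp)
{
    struct model_vcpu v = { 0 };
    (void)fn(&v, argp);
    return v.load_depth;
}

int main(void) { return depth_after(ioctl_balanced, NULL); } /* exits 0 */
```

A per-path counter like `load_depth` is also a practical review aid: any return or `goto` between a load and its put that leaves the counter nonzero is a candidate for the same class of bug.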