CVE-2021-47516 is a memory leak in the Linux kernel's `nfp_cpp_area_cache_add()` function. When the cache allocation fails, the CPP area structure that was already allocated is not freed, so that memory is leaked.

The issue occurs in the `nfp_cppcore.c` file within the `drivers/net/ethernet/netronome/nfp/nfpcore` directory. The vulnerability was introduced in kernel version 4.11 with commit 4cb584e0ee7d and has been fixed in various kernel versions, including 4.14.258, 4.19.221, 5.4.165, 5.10.85, and 5.15.8.

The fix frees the CPP area structure when the cache allocation fails, by adding a `kfree(area)` call in the error handling path of the function.

To mitigate this issue, it is recommended to update to the latest stable kernel version. If updating is not possible, the individual changes can be cherry-picked from the provided commit hashes.
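The error path described above, as a simplified user-space model added here for illustration; it is not the kernel source or the upstream patch. All names (`model_alloc`, `model_free`, `cache_add`, `leaked_after_failure`) are hypothetical, and the second allocation is forced to fail so the leaking and corrected paths can be compared.

```c
#include <errno.h>
#include <stdlib.h>

/* Constructed user-space model of the error path; not kernel source or symbols. */
static int live_allocs, alloc_calls, fail_at;   /* fail_at: 1-based call that fails */
static void *last_alloc;

static void *model_alloc(size_t n)
{
    void *p = (++alloc_calls == fail_at) ? NULL : calloc(1, n);
    if (p) { live_allocs++; last_alloc = p; }
    return p;
}

static void model_free(void *p)
{
    live_allocs--;
    free(p);
}

struct model_area  { char window[64]; };
struct model_cache { struct model_area *area; };

/* fixed == 0 keeps the leak; fixed == 1 frees the area when the cache alloc fails. */
static int cache_add(int fixed, struct model_cache **out)
{
    struct model_area *area = model_alloc(sizeof(*area));
    if (!area)
        return -ENOMEM;
    struct model_cache *cache = model_alloc(sizeof(*cache));
    if (!cache) {
        if (fixed)
            model_free(area);       /* the release the page describes */
        return -ENOMEM;
    }
    cache->area = area;
    *out = cache;
    return 0;
}

static int leaked_after_failure(int fixed)
{
    struct model_cache *c = NULL;
    live_allocs = alloc_calls = 0;
    fail_at = 2;                    /* second allocation (the cache) fails */
    int rc = cache_add(fixed, &c), leaked = live_allocs;
    if (leaked)
        free(last_alloc);           /* harness cleanup only, so the demo stays leak-free */
    return rc == -ENOMEM ? leaked : -1;
}
```

`leaked_after_failure(0)` reports one outstanding allocation per failed call, while `leaked_after_failure(1)` reports none; both return `-ENOMEM` to the caller, which is why the leak is invisible from the return value alone.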