How severe is CVE-2021-47519?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2021-47519?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2021-47519 - HIGH Severity | CVSS 7.5

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_read_fifo: fix memory leak in error branch In m_can_read_fifo(), if the second call to m_can_fifo_read() fails, the function jump to the out_fail label and returns without calling m_can_receive_skb(). This means that the skb previously allocated by alloc_can_skb() is not freed. In other terms, this is a memory leak. This patch adds a goto label to destroy the skb if an error occurs. Issue was found with GCC -fanalyzer, please follow the link below for details.

Related Vulnerabilities

CVE-2016-4232

HIGH

CVSS:7.5(High)

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information from process memory v...

CWE-4012016

CVE-2016-6304

HIGH

CVSS:7.5(High)

Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status ...

CWE-4012016

CVE-2017-7654

HIGH

CVSS:7.5(High)

In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of servi...

CWE-4012017

CVE-2018-11246

HIGH

CVSS:7.5(High)

K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.

CWE-4012018

CVE-2018-13844

HIGH

CVSS:7.5(High)

An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. NOTE: This has been disputed with the assertion that this vulnerability exists in the test harness and HTSlib users w...

CWE-4012018

CVE-2018-17240

HIGH

CVSS:7.5(High)

There is a memory dump vulnerability on Netwave IP camera devices at //proc/kcore that allows an unauthenticated attacker to exfiltrate sensitive information from the network configuration (e.g., user...

CWE-4012018