{"id":"CVE-2021-47049","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Use after free in __vmbus_open()\n\nThe \"open_info\" variable is added to the &vmbus_connection.chn_msg_list,\nbut the error handling frees \"open_info\" without removing it from the\nlist.  This will result in a use after free.  First remove it from the\nlist, and then free it.","modified":"2026-03-15T22:42:45.726709Z","published":"2024-02-28T09:15:40.417Z","related":["SUSE-SU-2024:1454-1","SUSE-SU-2024:1465-1","SUSE-SU-2024:1489-1","SUSE-SU-2024:1643-1","SUSE-SU-2024:1646-1","SUSE-SU-2024:1870-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/d5c7b42c9f56ca46b286daa537d181bd7f69214f"},{"type":"FIX","url":"https://git.kernel.org/stable/c/f37dd5d1b5d38a79a4f7b8dd7bbb705505f05560"},{"type":"FIX","url":"https://git.kernel.org/stable/c/2728f289b3270b0e273292b46c534421a33bbfd5"},{"type":"FIX","url":"https://git.kernel.org/stable/c/3e9bf43f7f7a46f21ec071cb47be92d0874c48da"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47049.json","unresolved_ranges":[{"events":[{"introduced":"4.14"},{"fixed":"5.10.37"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.11.21"}]},{"events":[{"introduced":"5.12"},{"fixed":"5.12.4"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}