{"id":"CVE-2021-47305","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sync_file: Don't leak fences on merge failure\n\nEach add_fence() call does a dma_fence_get() on the relevant fence.  In\nthe error path, we weren't calling dma_fence_put() so all those fences\ngot leaked.  Also, in the krealloc_array failure case, we weren't\nfreeing the fences array.  Instead, ensure that i and fences are always\nzero-initialized and dma_fence_put() all the fences and kfree(fences) on\nevery error path.","modified":"2026-03-15T22:43:10.357784Z","published":"2024-05-21T15:15:18.177Z","related":["SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2185-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/ffe000217c5068c5da07ccb1c0f8cce7ad767435"},{"type":"FIX","url":"https://git.kernel.org/stable/c/0d514185ae792d3a1903c8e1a83899aa996705ce"},{"type":"FIX","url":"https://git.kernel.org/stable/c/19edcd97727aae9362444a859a24d99a8730cb27"},{"type":"FIX","url":"https://git.kernel.org/stable/c/19f51c2529339280d2c8c6427cd3e21ddf1ac3f8"},{"type":"FIX","url":"https://git.kernel.org/stable/c/41f45e91c92c8480242ea448d54e28c753b13902"},{"type":"FIX","url":"https://git.kernel.org/stable/c/e0355a0ad31a1d677b2a4514206de4902bd550e8"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.9"},{"fixed":"4.14.241"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.199"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.135"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.53"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.13.5"}]},{"events":[{"introduced":"0"},{"last_affected":"5.14-rc1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47305.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}