CVE-2021-47373

Advisory lineage Upstream: 0 Downstream: 13

Downstream

DEBIAN-CVE-2021-47373 RHSA-2022:8267 RHSA-2024:5101 RHSA-2024:5102 SUSE-SU-2024:2008-1 SUSE-SU-2024:2011-1

Analyzed

Published: 21 May 2024, 15:03

Last modified:11 May 2026, 13:53

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

<0.01% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

21 May 2024, 15:03

Published

Vulnerability first disclosed

11 May 2026, 13:53

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Fix potential VPE leak on error In its_vpe_irq_domain_alloc, when its_vpe_init() returns an error, there is an off-by-one in the number of VPEs to be freed. Fix it by simply passing the number of VPEs allocated, which is the index of the loop iterating over the VPEs. [maz: fixed commit message]

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 1%

Techniques & Countermeasures

CWE-193•Off-by-one Error
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.

Affected Systems

linux•linux
≥ 7d75bbb4bc1ad90386776459d37e4ddfe605671e, < 7d39992d45acd6f2d6b2f62389c55b61fb3d486b | ≥ 7d75bbb4bc1ad90386776459d37e4ddfe605671e, < 5701e8bff314c155e7afdc467b1e0389d86853d0 | ≥ 7d75bbb4bc1ad90386776459d37e4ddfe605671e, < 42d3711c23781045e7a5cd28536c774b9a66d20b | ≥ 7d75bbb4bc1ad90386776459d37e4ddfe605671e, < 568662e37f927e3dc3e475f3ff7cf4ab7719c5e7 | ≥ 7d75bbb4bc1ad90386776459d37e4ddfe605671e, < e0c1c2e5da19685a20557a50f10c6aa4fa26aa84 | ≥ 7d75bbb4bc1ad90386776459d37e4ddfe605671e, < 280bef512933b2dda01d681d8cbe499b98fc5bdd | 4.14
linux•linux_kernel
≥ 4.14, < 4.14.249 | ≥ 4.15, < 4.19.209 | ≥ 4.20, < 5.4.150 | ≥ 5.5, < 5.10.70 | ≥ 5.11, < 5.14.9 | 5.15:rc1 | 5.15:rc2