CVE-2021-47295
net: sched: fix memory leak in tcindex_partial_destroy_work
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
net: sched: fix memory leak in tcindex_partial_destroy_work
Syzbot reported memory leak in tcindex_set_parms(). The problem was in
non-freed perfect hash in tcindex_partial_destroy_work().
In tcindex_set_parms() new tcindex_data is allocated and some fields from
old one are copied to new one, but not the perfect hash. Since
tcindex_partial_destroy_work() is the destroy function for old
tcindex_data, we need to free perfect hash to avoid memory leak.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: sched: corrige la pérdida de memoria en tcindex_partial_destroy_work Syzbot informó una pérdida de memoria en tcindex_set_parms(). El problema estaba en el hash perfecto no liberado en tcindex_partial_destroy_work(). En tcindex_set_parms() se asigna un nuevo tcindex_data y algunos campos del anterior se copian al nuevo, pero no el hash perfecto. Dado que tcindex_partial_destroy_work() es la función de destrucción del antiguo tcindex_data, necesitamos liberar un hash perfecto para evitar pérdidas de memoria.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2024-05-21 CVE Reserved
- 2024-05-21 CVE Published
- 2024-05-22 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/331b72922c5f58d48fd5500acadc91777cc31970 | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.18 < 5.4.136 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.18 < 5.4.136" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.18 < 5.10.54 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.18 < 5.10.54" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.18 < 5.13.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.18 < 5.13.6" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.18 < 5.14 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.18 < 5.14" | en |
Affected
|