Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-47467

Опубликовано: 22 мая 2024
Источник: nvd
CVSS3: 5.3
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

kunit: fix reference count leak in kfree_at_end

The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the returned resource object, whose refcount increased inside, causing a refcount leak.

Fix this issue by calling kunit_alloc_resource() instead of kunit_alloc_and_get_resource().

Fixed the following when applying: Shuah Khan skhan@linuxfoundation.org

CHECK: Alignment should match open parenthesis

  • kunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL, (void *)to_free);

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.14 (включая) до 5.14.15 (исключая)
cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00086
Низкий

5.3 Medium

CVSS3

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2021-47467

CVSS3: 5.3
ubuntu
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the returned resource object, whose refcount increased inside, causing a refcount leak. Fix this issue by calling kunit_alloc_resource() instead of kunit_alloc_and_get_resource(). Fixed the following when applying: Shuah Khan <skhan@linuxfoundation.org> CHECK: Alignment should match open parenthesis + kunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL, (void *)to_free);

redhat логотип

CVE-2021-47467

CVSS3: 7.1
redhat
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the returned resource object, whose refcount increased inside, causing a refcount leak. Fix this issue by calling kunit_alloc_resource() instead of kunit_alloc_and_get_resource(). Fixed the following when applying: Shuah Khan <skhan@linuxfoundation.org> CHECK: Alignment should match open parenthesis +kunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL, (void *)to_free);

debian логотип

CVE-2021-47467

CVSS3: 5.3
debian
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: k ...

github логотип

GHSA-7qcg-gp93-223m

CVSS3: 5.3
github
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path of kfree_at_end(). When kunit_alloc_and_get_resource() is invoked, the function forgets to handle the returned resource object, whose refcount increased inside, causing a refcount leak. Fix this issue by calling kunit_alloc_resource() instead of kunit_alloc_and_get_resource(). Fixed the following when applying: Shuah Khan <skhan@linuxfoundation.org> CHECK: Alignment should match open parenthesis + kunit_alloc_resource(test, NULL, kfree_res_free, GFP_KERNEL, (void *)to_free);

fstec логотип

BDU:2025-14323

CVSS3: 5.3
fstec
больше 4 лет назад

Уязвимость функции kfree_at_end() модуля lib/kunit/executor_test.c ядра операционной системы Linux, позволяющая удаленному нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 25%
0.00086
Низкий

5.3 Medium

CVSS3

Дефекты

NVD-CWE-Other