5.5
CVE-2021-47298
- EPSS 0.23%
- Veröffentlicht 21.05.2024 15:15:17
- Zuletzt bearbeitet 23.12.2024 16:39:18
- CVE-Watchlists
- Unerledigt
bpf, sockmap: Fix potential memory leak on unlikely error case
In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix potential memory leak on unlikely error case If skb_linearize is needed and fails we could leak a msg on the error handling. To fix ensure we kfree the msg block before returning error. Found during code review.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10 < 5.10.54
Linux ≫ Linux Kernel Version >= 5.11 < 5.13.6
Linux ≫ Linux Kernel Version5.14 Updaterc1
Linux ≫ Linux Kernel Version5.14 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.138 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/6c508a1c6c62793dc6e6872cad4b200097bab7c9
https://git.kernel.org/stable/c/715f378f42909c401ec043f5150c4fdf57fb8889
https://git.kernel.org/stable/c/7e6b27a69167f97c56b5437871d29e9722c3e470