CVE-2021-47298

Summary

In the Linux kernel, the following vulnerability has been resolved:

bpf, sockmap: Fix potential memory leak on unlikely error case

If skb_linearize is needed and fails we could leak a msg on the error handling. To fix ensure we kfree the msg block before returning error. Found during code review.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux4363023d2668e621b0743db351a9555d6e6ea57e < 715f378f42909c401ec043f5150c4fdf57fb8889affected
LinuxLinux4363023d2668e621b0743db351a9555d6e6ea57e < 6c508a1c6c62793dc6e6872cad4b200097bab7c9affected
LinuxLinux4363023d2668e621b0743db351a9555d6e6ea57e < 7e6b27a69167f97c56b5437871d29e9722c3e470affected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.10.54 <= 5.10.*unaffected
LinuxLinux5.13.6 <= 5.13.*unaffected
LinuxLinux5.14 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References