CVE-2021-47345

Summary

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cma: Fix rdma_resolve_route() memory leak

Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id".

This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and allows rdma_resolve_route() to be called again.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < 40b613db3a95bc27998e4097d74c2f7e5d083a0baffected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < e2da8ce2a9543f3ca5c93369bd1fe6eeb572101aaffected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < e4e062da082a199357ba4911145f331d40139ad8affected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < 4893c938f2a140a74be91779e45e4a7fa111198faffected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < 032c68b4f5be128a2167f35b558b7cec88fe4972affected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < 3d08b5917984f737f32d5bee9737b9075c3895c6affected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < f4f553d67236145fa5fd203ed7b35b9377e19939affected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < 07583ba2e2d8947c3d365d97608cb436510885acaffected
LinuxLinuxe51060f08a61965c4dd91516d82fe90617152590 < 74f160ead74bfe5f2b38afb4fcf86189f9ff40c9affected
LinuxLinux2.6.18affected
LinuxLinux0 < 2.6.18unaffected
LinuxLinux4.4.276 <= 4.4.*unaffected
LinuxLinux4.9.276 <= 4.9.*unaffected
LinuxLinux4.14.240 <= 4.14.*unaffected
LinuxLinux4.19.198 <= 4.19.*unaffected
LinuxLinux5.4.133 <= 5.4.*unaffected
LinuxLinux5.10.51 <= 5.10.*unaffected
LinuxLinux5.12.18 <= 5.12.*unaffected
LinuxLinux5.13.3 <= 5.13.*unaffected
LinuxLinux5.14 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References