CVE-2021-47367

Summary

In the Linux kernel, the following vulnerability has been resolved:

virtio-net: fix pages leaking when building skb in big mode

We try to use build_skb() if we had sufficient tailroom. But we forget to release the unused pages chained via private in big mode which will leak pages. Fixing this by release the pages after building the skb in big mode.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxfb32856b16ad9d5bcd75b76a274e2c515ac7b9d7 < f020bb63b5d2e5576acadd10e158fe3b04af67baaffected
LinuxLinuxfb32856b16ad9d5bcd75b76a274e2c515ac7b9d7 < afd92d82c9d715fb97565408755acad81573591aaffected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.14.9 <= 5.14.*unaffected
LinuxLinux5.15 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References