CVE-2021-47538

Summary

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer()

Need to call rxrpc_put_local() for peer candidate before kfree() as it holds a ref to rxrpc_local.

[DH: v2: Changed to abstract the peer freeing code out into a function]

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe8e51ce79c157188e209e5ea0afaf6b42dd76104 < 913c24af2d13a3fd304462916ee98e298d56bdceaffected
LinuxLinux9ebeddef58c41bd700419cdcece24cf64ce32276 < 3e70e3a72d80b16094faccbe438cd53761c3503aaffected
LinuxLinux9ebeddef58c41bd700419cdcece24cf64ce32276 < 60f0b9c42cb80833a03ca57c1c8b078d716e71d1affected
LinuxLinux9ebeddef58c41bd700419cdcece24cf64ce32276 < 9469273e616ca8f1b6e3773c5019f21b4c8d828caffected
LinuxLinux9ebeddef58c41bd700419cdcece24cf64ce32276 < beacff50edbd6c9659a6f15fc7f6126909fade29affected
LinuxLinux9b7fc03b4cdbfb668b6891967105258691c6d3b5affected
LinuxLinux4.19.82 < 4.19.220affected
LinuxLinux5.3.9 < 5.4affected
LinuxLinux5.4affected
LinuxLinux0 < 5.4unaffected
LinuxLinux4.19.220 <= 4.19.*unaffected
LinuxLinux5.4.164 <= 5.4.*unaffected
LinuxLinux5.10.84 <= 5.10.*unaffected
LinuxLinux5.15.7 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References