CVE-2021-47539

Summary

In the Linux kernel, the following vulnerability has been resolved:

rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle()

Need to call rxrpc_put_peer() for bundle candidate before kfree() as it holds a ref to rxrpc_peer.

[DH: v2: Changed to abstract out the bundle freeing code into a function]

Affected Software

VendorProductVersion RangeStatus
LinuxLinux245500d853e9f20036cec7df4f6984ece4c6bf26 < 35b40f724c4ef0f683d94dab3af9ab38261d782baffected
LinuxLinux245500d853e9f20036cec7df4f6984ece4c6bf26 < bc97458620e38961af9505cc060ad4cf5c9e4af7affected
LinuxLinux245500d853e9f20036cec7df4f6984ece4c6bf26 < ca77fba821351190777b236ce749d7c4d353102eaffected
LinuxLinux5.10affected
LinuxLinux0 < 5.10unaffected
LinuxLinux5.10.84 <= 5.10.*unaffected
LinuxLinux5.15.7 <= 5.15.*unaffected
LinuxLinux5.16 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References