PT-2024-9058 · Linux+3 · Linux Kernel+3

Published

2024-05-24

Updated

2024-11-26

CVE-2021-47538

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The issue is related to a leak in the rxrpc lookup peer() function, which holds a reference to rxrpc local. This leak can be exploited to cause a denial of service or potentially allow an attacker to access confidential information. The vulnerability is associated with the rxrpc component of the Linux kernel and involves functions such as rxrpc create peer(), rxrpc lookup peer(), rxrpc put peer(), and rxrpc put peer locked() in net/rxrpc/peer object.c.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-401

Related Identifiers

BDU:2024-10740

CVE-2021-47538

OESA-2024-1705

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2939-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2024-9058 · Linux+3 · Linux Kernel+3

CVE-2021-47538

Weakness Enumeration

Related Identifiers

Affected Products

References · 1633