CVE-2021-46935

Name of the Vulnerable Software and Affected Versions Linux kernel versions 4.13 and earlier

Description The issue is related to the async free space function in the Linux kernel's binder component. It causes a leak of up to 8 bytes of async free space on every async transaction of 8 bytes or less. This happens because the accounting of async free space did not add the sizeof(void *) back when freeing space. The fix involves using buffer size instead of size when updating async free space during the free operation.

Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for the async free space accounting issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.