PT-2021-8220 · Linux+3 · Linux Kernel+3

Jianglei Nie

Published

2021-12-14

Updated

2024-12-02

CVE-2021-47585

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a memory leak in the add inode ref() function. Specifically, when the function returns in line 1184, the victim name allocated by kmalloc() in line 1169 is not freed, leading to a memory leak. This is similar to another part of the function where a memory chunk for victim name is allocated in line 1104 and released in line 1116. The fix involves calling kfree() on victim name when the return value of backref in log() is less than zero and before the function returns in line 1184.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2024-11533

CVE-2021-47585

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2902-1

SUSE-SU-2024:2929-1

SUSE-SU-2024:2939-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2021-8220 · Linux+3 · Linux Kernel+3

CVE-2021-47585

Weakness Enumeration

Related Identifiers

Affected Products

References · 1206