CVE-2021-47603

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the audit queue handling in the Linux kernel. If the audit daemon gets stuck in a stopped state, the kernel's kauditd thread() could get blocked attempting to send audit records to the userspace audit daemon. This could cause the audit queue to grow unbounded, potentially leading to a deadlock state. The problem is resolved by lowering the kernel thread's socket sending timeout and tweaking the kauditd send queue() function to better manage the audit queues when connection problems occur. With this patch, the backlog may temporarily grow beyond the defined limits when the audit daemon is stopped and the system is under heavy audit pressure, but kauditd thread() will continue to make progress and drain the queues as it would for other connection problems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.