CVE-2021-47292

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a memory leak in the io init wq offload() function of the Linux kernel's io uring component. This leak occurs when io uring enter() is called in parallel, causing the hash map to be leaked. The vulnerability can be exploited to cause a denial of service. The io uring enter() function is a system call that allows user-space applications to interact with the io uring subsystem. The hash map is a data structure used by the io uring subsystem to manage I/O operations.

Recommendations To resolve the issue, add uring lock to protect the hash map when calling io uring enter() in parallel. This will prevent the hash map from being leaked and mitigate the risk of a denial of service.

Note: Since the affected versions are not specified, it is recommended to update to the latest version of the Linux kernel that includes the fix for the io uring memory leak. However, without specific version information, the exact update path cannot be provided.