CVE-2021-47011

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the memory control and slab management in the Linux kernel. Specifically, it involves the use of obj cgroup APIs to charge kmem pages. The problem arises when certain objects, such as allocations larger than order-1 page on SLUB, are not charged with the new APIs and still hold a reference to the memory cgroup. This can cause the memory cgroup to be pinned in memory even after it is removed. A script is provided to demonstrate this scenario, where 500 dying cgroups are added to the system. The patchset aims to fix this issue by making the kmem pages drop the reference to the memory cgroup using the obj cgroup APIs.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.