CVE-2021-47125

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A refcount leak issue has been identified in the Linux kernel, specifically in the htb parent to leaf offload function. The commit ae81feb7338c, which aimed to fix a NULL pointer dereference bug, was found to be incorrect. The htb graft helper function properly handles the case when new q is NULL, but skipping this call creates an inconsistency where dev queue->qdisc points to the old qdisc, while cl->parent->leaf.q points to the new one, which can be noop qdisc if new q is NULL. This inconsistency can lead to refcount leaks. The correct fix involves adding a NULL pointer check to protect qdisc refcount inc inside htb parent to leaf offload.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.