CVE-2021-47371

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue has been resolved in the Linux kernel. The issue was discovered by syzkaller and can be triggered by specific commands, including ip nexthop add id 1 blackhole and devlink dev reload pci/0000:06:00.0. The problem occurs when mlxsw unregisters its netdevs and then unregisters from the nexthop notification chain, but does not receive notifications for nexthops using netdevs that are not dismantled as part of the reload flow. To fix this issue, the kernel now replays delete notifications for the listener being unregistered, which is symmetric to the registration path and consistent with the netdev notification chain.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.