PT-2024-11388 · Linux+2 · Linux Kernel+2

Tao Liu

Published

2021-09-13

Updated

2025-09-23

CVE-2021-47392

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A listener leak issue in the RDMA/cma component of the Linux kernel has been resolved. The issue occurs when cma listen on all() fails, leaving the per-device ID on the listen list without setting the state to RDMA CM ADDR BOUND. As a result, when the cmid is eventually destroyed, cma cancel listens() is not called due to the incorrect state, and the per-device IDs still hold the refcount, preventing the ID from being destroyed and causing a deadlock. The issue is resolved by ensuring that cma listen on all() atomically unwinds its action under the lock during error.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

BDU:2025-14377

CVE-2021-47392

OPENSUSE-SU-2024_2185-1

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2185-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2024-11388 · Linux+2 · Linux Kernel+2

CVE-2021-47392

Weakness Enumeration

Related Identifiers

Affected Products

References · 1430