PT-2024-11461 · Linux+2 · Linux Kernel+2

Xiyu Yang

Published

2021-09-09

Updated

2024-11-05

CVE-2021-47467

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is a reference count leak in the kfree at end function of the Linux kernel. This occurs when the kunit alloc and get resource function is invoked, causing the returned resource object's refcount to increase without being handled, resulting in a refcount leak. The problem can be fixed by calling kunit alloc resource instead of kunit alloc and get resource.

Recommendations To resolve the issue, call kunit alloc resource instead of kunit alloc and get resource when invoking the kfree at end function. As a temporary workaround, consider disabling the kunit alloc and get resource function until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-402

Related Identifiers

BDU:2025-14323

CVE-2021-47467

OPENSUSE-SU-2024_2189-1

SUSE-SU-2024:2008-1

SUSE-SU-2024:2011-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2189-1

SUSE-SU-2024:2190-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2024-11461 · Linux+2 · Linux Kernel+2

CVE-2021-47467

Weakness Enumeration

Related Identifiers

Affected Products

References · 1245