CVE-2021-46968

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-46968

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-46968.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-46968

Downstream

DEBIAN-CVE-2021-46968

SUSE-SU-2024:0856-1

SUSE-SU-2024:0857-1

UBUNTU-CVE-2021-46968

Related

Published

2024-02-27T19:04:07Z

Modified

2025-08-09T20:01:28Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

s390/zcrypt: fix zcard and zqueue hot-unplug memleak

Tests with kvm and a kmemdebug kernel showed, that on hot unplug the zcard and zqueue structs for the unplugged card or queue are not properly freed because of a mismatch with get/put for the embedded kref counter.

This fix now adjusts the handling of the kref counters. With init the kref counter starts with 1. This initial value needs to drop to zero with the unregister of the card or queue to trigger the release and free the object.

References

Affected packages