CVE-2021-47250

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-47250
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47250.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-47250
Downstream
Related
Published
2024-05-21T15:15:13.930Z
Modified
2026-03-13T05:20:38.601529Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

net: ipv4: fix memory leak in netlblcipsov4add_std

Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline] [<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline] [<00000000e67ed558>] netlblcipsov4addstd net/netlabel/netlabelcipsov4.c:145 [inline] [<00000000e67ed558>] netlblcipsov4add+0x390/0x2340 net/netlabel/netlabelcipsov4.c:416 [<0000000006040154>] genlfamilyrcvmsgdoit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [<00000000204d7a1c>] genlfamilyrcvmsg net/netlink/genetlink.c:783 [inline] [<00000000204d7a1c>] genlrcvmsg+0x2bf/0x4f0 net/netlink/genetlink.c:800 [<00000000c0d6a995>] netlinkrcvskb+0x134/0x3d0 net/netlink/afnetlink.c:2504 [<00000000d78b9d2c>] genlrcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009733081b>] netlinkunicastkernel net/netlink/afnetlink.c:1314 [inline] [<000000009733081b>] netlinkunicast+0x4a0/0x6a0 net/netlink/afnetlink.c:1340 [<00000000d5fd43b8>] netlinksendmsg+0x789/0xc70 net/netlink/afnetlink.c:1929 [<000000000a2d1e40>] socksendmsgnosec net/socket.c:654 [inline] [<000000000a2d1e40>] socksendmsg+0x139/0x170 net/socket.c:674 [<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350 [<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404 [<000000001615e288>] _syssendmsg+0xd3/0x190 net/socket.c:2433 [<000000004ee8b6a5>] dosyscall64+0x37/0x90 arch/x86/entry/common.c:47 [<00000000171c7cee>] entrySYSCALL64afterhwframe+0x44/0xae

The memory of doidef->map.std pointing is allocated in netlblcipsov4addstd, but no place has freed it. It should be freed in cipsov4doi_free which frees the cipso DOI resource.

References

Affected packages

Git /

Affected ranges

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47250.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "2.6.19"
            },
            {
                "fixed": "4.4.274"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.5"
            },
            {
                "fixed": "4.9.274"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.10"
            },
            {
                "fixed": "4.14.238"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.15"
            },
            {
                "fixed": "4.19.196"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "4.20"
            },
            {
                "fixed": "5.4.128"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.5"
            },
            {
                "fixed": "5.10.46"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "5.11"
            },
            {
                "fixed": "5.12.13"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.13-rc1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.13-rc2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.13-rc3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.13-rc4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.13-rc5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "5.13-rc6"
            }
        ]
    }
]