CVE-2021-47466
Description
In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential memoryleak in kmem_cache_open() In error path, the random_seq of slub cache might be leaked. Fix this by using __kmem_cache_release() to release all the relevant resources.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Mitigation details
Description kernel: mm, slub: fix potential memoryleak in kmem_cache_open() CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) Errata / fixed releases ProductPackageAdvisoryReleased Red Hat Enterprise Linux 8kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10RHSA-2024:70012024-09-24T00:00:00Z Red Hat Enterprise Linux 8kernel-0:4.18.0-553.22.1.el8_10RHSA-2024:70002024-09-24T00:00:00Z Package stateβ¦
Description
kernel: mm, slub: fix potential memoryleak in kmem_cache_open()
CVSS v3: 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
Errata / fixed releases
| Product | Package | Advisory | Released |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | kernel-rt-0:4.18.0-553.22.1.rt7.363.el8_10 | RHSA-2024:7001 | 2024-09-24T00:00:00Z |
| Red Hat Enterprise Linux 8 | kernel-0:4.18.0-553.22.1.el8_10 | RHSA-2024:7000 | 2024-09-24T00:00:00Z |
Package state
| Product | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 6 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel | Out of support scope |
| Red Hat Enterprise Linux 7 | kernel-rt | Out of support scope |
| Red Hat Enterprise Linux 9 | kernel | Not affected |
| Red Hat Enterprise Linux 9 | kernel-rt | Not affected |
Apply commands
yum update -y kernel-rt
# or:
dnf upgrade -y kernel-rtAffected
| Vendor | Product | Version |
|---|---|---|
| redhat | Red Hat Enterprise Linux 9 | Not affected |
| redhat | Red Hat Enterprise Linux 9 | Not affected |
OS impact
SUSE Affected 1 release
| Version | Status | Fixed in |
|---|---|---|
| β | Affected | β |
Debian Fixed 5 releases
| Version | Status | Fixed in |
|---|---|---|
| trixie | Fixed | 5.14.16-1 |
| sid | Fixed | 5.14.16-1 |
| forky | Fixed | 5.14.16-1 |
| bullseye | Fixed | 5.10.84-1 |
| bookworm | Fixed | 5.14.16-1 |
Red Hat Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | β |
Rocky Linux Fixed 1 release
| Version | Status | Fixed in |
|---|---|---|
| 8 | Fixed | β |
References
- https://errata.rockylinux.org/RLSA-2024:7000
- https://errata.rockylinux.org/RLSA-2024:7001
- https://www.suse.com/security/cve/CVE-2021-47466.html
- https://security-tracker.debian.org/tracker/CVE-2021-47466
- https://access.redhat.com/errata/RHSA-2024:7000
- https://bugzilla.redhat.com/2258012
- https://bugzilla.redhat.com/2258013
- https://bugzilla.redhat.com/2260038
- https://bugzilla.redhat.com/2265799
- https://bugzilla.redhat.com/2265838
- https://bugzilla.redhat.com/2266358
- https://bugzilla.redhat.com/2266750
- https://bugzilla.redhat.com/2267036
- https://bugzilla.redhat.com/2267041
- https://bugzilla.redhat.com/2267795
- https://bugzilla.redhat.com/2267916
- https://bugzilla.redhat.com/2267925
- https://bugzilla.redhat.com/2268295
- https://bugzilla.redhat.com/2270103
- https://bugzilla.redhat.com/2271648
- https://bugzilla.redhat.com/2271796
- https://bugzilla.redhat.com/2272793
- https://bugzilla.redhat.com/2273141
- https://bugzilla.redhat.com/2273148
- https://bugzilla.redhat.com/2273180
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.