CVE-2021-47367 virtio-net: fix pages leaking when building skb in big mode

2024-05-2115:03:33

Linux

www.cve.org

cve-2021-47367

virtio-net

pages leaking

skb

big mode

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

virtio-net: fix pages leaking when building skb in big mode

We try to use build_skb() if we had sufficient tailroom. But we forget
to release the unused pages chained via private in big mode which will
leak pages. Fixing this by release the pages after building the skb in
big mode.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/virtio_net.c"
    ],
    "versions": [
      {
        "version": "fb32856b16ad",
        "lessThan": "f020bb63b5d2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "fb32856b16ad",
        "lessThan": "afd92d82c9d7",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/net/virtio_net.c"
    ],
    "versions": [
      {
        "version": "5.13",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.13",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.14.9",
        "lessThanOrEqual": "5.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]