Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67NVD:CVE-2021-47367

HistoryMay 21, 2024 - 3:15 p.m.

CVE-2021-47367

2024-05-2115:15:22

CWE-119

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

virtio-net

skb building

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

In the Linux kernel, the following vulnerability has been resolved:

virtio-net: fix pages leaking when building skb in big mode

We try to use build_skb() if we had sufficient tailroom. But we forget
to release the unused pages chained via private in big mode which will
leak pages. Fixing this by release the pages after building the skb in
big mode.

References

git.kernel.org/stable/c/afd92d82c9d715fb97565408755acad81573591a

git.kernel.org/stable/c/f020bb63b5d2e5576acadd10e158fe3b04af67ba

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for NVD:CVE-2021-47367