In the Linux kernel, the following vulnerability has been resolved: net:
ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG:
memory leak unreferenced object 0xffff888105df7000 (size 64): comm
“syz-executor842”, pid 360, jiffies 4294824824 (age 22.546s) hex dump
(first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
… 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
… backtrace: [<00000000e67ed558>] kmalloc
include/linux/slab.h:590 [inline] [<00000000e67ed558>] kzalloc
include/linux/slab.h:720 [inline] [<00000000e67ed558>]
netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]
[<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340
net/netlabel/netlabel_cipso_v4.c:416 [<0000000006040154>]
genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739
[<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783
[inline] [<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0
net/netlink/genetlink.c:800 [<00000000c0d6a995>]
netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504
[<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811
[<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314
[inline] [<000000009733081b>] netlink_unicast+0x4a0/0x6a0
net/netlink/af_netlink.c:1340 [<00000000d5fd43b8>]
netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929
[<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline]
[<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674
[<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350
[<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404
[<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433
[<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47
[<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae The memory of
doi_def->map.std pointing is allocated in netlbl_cipsov4_add_std, but no
place has freed it. It should be freed in cipso_v4_doi_free which frees the
cipso DOI resource.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws-5.4 | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-aws-hwe | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 14.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 16.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-azure-4.15 | < any | UNKNOWN |
git.kernel.org/linus/d612c3f3fae221e7ea736d196581c2217304bbbc (5.13-rc7)
git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c
git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4
git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4
git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1
git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66
git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f
git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc
git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663
launchpad.net/bugs/cve/CVE-2021-47250
nvd.nist.gov/vuln/detail/CVE-2021-47250
security-tracker.debian.org/tracker/CVE-2021-47250
www.cve.org/CVERecord?id=CVE-2021-47250