Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GSD-2021-47250
Vulnerability from gsd - Updated: 2024-04-11 05:05Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2021-47250"
],
"id": "GSD-2021-47250",
"modified": "2024-04-11T05:05:09.717215Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-47250",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
CVE-2021-47250 (GCVE-0-2021-47250)
Vulnerability from cvelistv5 – Published: 2024-05-21 14:19 – Updated: 2025-05-04 07:07
VLAI?
EPSS
Summary
In the Linux kernel, the following vulnerability has been resolved:
net: ipv4: fix memory leak in netlbl_cipsov4_add_std
Reported by syzkaller:
BUG: memory leak
unreferenced object 0xffff888105df7000 (size 64):
comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline]
[<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline]
[<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]
[<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416
[<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739
[<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]
[<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800
[<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504
[<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811
[<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]
[<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340
[<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929
[<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline]
[<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674
[<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350
[<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404
[<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433
[<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47
[<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae
The memory of doi_def->map.std pointing is allocated in
netlbl_cipsov4_add_std, but no place has freed it. It should be
freed in cipso_v4_doi_free which frees the cipso DOI resource.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Linux | Linux |
Affected:
96cb8e3313c7a12e026c1ed510522ae6f6023875 , < 212166510582631994be4f4b3fe15e10a03c1dd4
(git)
Affected: 96cb8e3313c7a12e026c1ed510522ae6f6023875 , < 086e92b1d68c6338535f715aad173f8cf4bfbc8c (git) Affected: 96cb8e3313c7a12e026c1ed510522ae6f6023875 , < 6dcea66d3bb519b426282588f38e884e07893c1f (git) Affected: 96cb8e3313c7a12e026c1ed510522ae6f6023875 , < 5340858147e3dc60913fb3dd0cbb758ec4a26e66 (git) Affected: 96cb8e3313c7a12e026c1ed510522ae6f6023875 , < 398a24447eb60f060c8994221cb5ae6caf355fa1 (git) Affected: 96cb8e3313c7a12e026c1ed510522ae6f6023875 , < deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (git) Affected: 96cb8e3313c7a12e026c1ed510522ae6f6023875 , < 0ffb460be3abac86f884a8c548bb02724ec370f4 (git) Affected: 96cb8e3313c7a12e026c1ed510522ae6f6023875 , < d612c3f3fae221e7ea736d196581c2217304bbbc (git) |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47250",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-12T15:04:20.108779Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-12T15:04:30.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:32:07.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv4/cipso_ipv4.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "212166510582631994be4f4b3fe15e10a03c1dd4",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
},
{
"lessThan": "086e92b1d68c6338535f715aad173f8cf4bfbc8c",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
},
{
"lessThan": "6dcea66d3bb519b426282588f38e884e07893c1f",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
},
{
"lessThan": "5340858147e3dc60913fb3dd0cbb758ec4a26e66",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
},
{
"lessThan": "398a24447eb60f060c8994221cb5ae6caf355fa1",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
},
{
"lessThan": "deeeb65c6ee404f2d1fb80b38b2730645c0f4663",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
},
{
"lessThan": "0ffb460be3abac86f884a8c548bb02724ec370f4",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
},
{
"lessThan": "d612c3f3fae221e7ea736d196581c2217304bbbc",
"status": "affected",
"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv4/cipso_ipv4.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "2.6.19"
},
{
"lessThan": "2.6.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.274",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.274",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.238",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.196",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.128",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.46",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.4.274",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.274",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.14.238",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.19.196",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.128",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.46",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.12.13",
"versionStartIncluding": "2.6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.13",
"versionStartIncluding": "2.6.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[\u003c00000000e67ed558\u003e] kmalloc include/linux/slab.h:590 [inline]\n[\u003c00000000e67ed558\u003e] kzalloc include/linux/slab.h:720 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[\u003c00000000e67ed558\u003e] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[\u003c0000000006040154\u003e] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[\u003c00000000204d7a1c\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[\u003c00000000204d7a1c\u003e] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[\u003c00000000c0d6a995\u003e] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[\u003c00000000d78b9d2c\u003e] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[\u003c000000009733081b\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[\u003c000000009733081b\u003e] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[\u003c00000000d5fd43b8\u003e] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[\u003c000000000a2d1e40\u003e] sock_sendmsg_nosec net/socket.c:654 [inline]\n[\u003c000000000a2d1e40\u003e] sock_sendmsg+0x139/0x170 net/socket.c:674\n[\u003c00000000321d1969\u003e] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[\u003c00000000964e16bc\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[\u003c000000001615e288\u003e] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[\u003c000000004ee8b6a5\u003e] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[\u003c00000000171c7cee\u003e] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def-\u003emap.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T07:07:08.871Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4"
},
{
"url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c"
},
{
"url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f"
},
{
"url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66"
},
{
"url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1"
},
{
"url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663"
},
{
"url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4"
},
{
"url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc"
}
],
"title": "net: ipv4: fix memory leak in netlbl_cipsov4_add_std",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47250",
"datePublished": "2024-05-21T14:19:46.886Z",
"dateReserved": "2024-04-10T18:59:19.537Z",
"dateUpdated": "2025-05-04T07:07:08.871Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…