CVE-2021-47250 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c
https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4
https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4
https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1
https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66
https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f
https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc
https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663
https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47250-7fad@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47250
https://www.cve.org/CVERecord?id=CVE-2021-47250

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-401
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc5:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc6::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47250", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-04-10T18:59:19.537Z", "datePublished": "2024-05-21T14:19:46.886Z", "dateUpdated": "2025-05-04T07:07:08.871Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:07:08.871Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline]\n[<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline]\n[<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674\n[<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def->map.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/cipso_ipv4.c"], "versions": [{"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "212166510582631994be4f4b3fe15e10a03c1dd4", "status": "affected", "versionType": "git"}, {"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "086e92b1d68c6338535f715aad173f8cf4bfbc8c", "status": "affected", "versionType": "git"}, {"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "6dcea66d3bb519b426282588f38e884e07893c1f", "status": "affected", "versionType": "git"}, {"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "5340858147e3dc60913fb3dd0cbb758ec4a26e66", "status": "affected", "versionType": "git"}, {"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "398a24447eb60f060c8994221cb5ae6caf355fa1", "status": "affected", "versionType": "git"}, {"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "deeeb65c6ee404f2d1fb80b38b2730645c0f4663", "status": "affected", "versionType": "git"}, {"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "0ffb460be3abac86f884a8c548bb02724ec370f4", "status": "affected", "versionType": "git"}, {"version": "96cb8e3313c7a12e026c1ed510522ae6f6023875", "lessThan": "d612c3f3fae221e7ea736d196581c2217304bbbc", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/ipv4/cipso_ipv4.c"], "versions": [{"version": "2.6.19", "status": "affected"}, {"version": "0", "lessThan": "2.6.19", "status": "unaffected", "versionType": "semver"}, {"version": "4.4.274", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.274", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.238", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.196", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.128", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.46", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.13", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "4.4.274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "4.9.274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "4.14.238"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "4.19.196"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "5.4.128"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "5.10.46"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "5.12.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.19", "versionEndExcluding": "5.13"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4"}, {"url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c"}, {"url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f"}, {"url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66"}, {"url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1"}, {"url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663"}, {"url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4"}, {"url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc"}], "title": "net: ipv4: fix memory leak in netlbl_cipsov4_add_std", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-12T15:04:20.108779Z", "id": "CVE-2021-47250", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T15:04:30.065Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.879Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2021-47250 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-04-10T18:59:19.537Z (string)

datePublished : 2024-05-21T14:19:46.886Z (string)

dateUpdated : 2025-05-04T07:07:08.871Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:07:08.871Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline] [<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline] [<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline] [<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416 [<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800 [<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504 [<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline] [<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340 [<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929 [<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline] [<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674 [<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350 [<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404 [<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433 [<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47 [<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae The memory of doi_def->map.std pointing is allocated in netlbl_cipsov4_add_std, but no place has freed it. It should be freed in cipso_v4_doi_free which frees the cipso DOI resource. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/ipv4/cipso_ipv4.c (string)

]

versions : [ »

0 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : 212166510582631994be4f4b3fe15e10a03c1dd4 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : 086e92b1d68c6338535f715aad173f8cf4bfbc8c (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : 6dcea66d3bb519b426282588f38e884e07893c1f (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : 5340858147e3dc60913fb3dd0cbb758ec4a26e66 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : 398a24447eb60f060c8994221cb5ae6caf355fa1 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : 0ffb460be3abac86f884a8c548bb02724ec370f4 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 96cb8e3313c7a12e026c1ed510522ae6f6023875 (string)

lessThan : d612c3f3fae221e7ea736d196581c2217304bbbc (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : net/ipv4/cipso_ipv4.c (string)

]

versions : [ »

0 : { »

version : 2.6.19 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 2.6.19 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.4.274 (string)

lessThanOrEqual : 4.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 4.9.274 (string)

lessThanOrEqual : 4.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 4.14.238 (string)

lessThanOrEqual : 4.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 4.19.196 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.4.128 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 5.10.46 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 5.12.13 (string)

lessThanOrEqual : 5.12.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 5.13 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 4.4.274 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 4.9.274 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 4.14.238 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 4.19.196 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 5.4.128 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 5.10.46 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 5.12.13 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.19 (string)

versionEndExcluding : 5.13 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c (string)

}

2 : { »

url : https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f (string)

}

3 : { »

url : https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc (string)

}

]

title : net: ipv4: fix memory leak in netlbl_cipsov4_add_std (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-06-12T15:04:20.108779Z (string)

id : CVE-2021-47250 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-12T15:04:30.065Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:32:07.879Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.879Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47250", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-12T15:04:20.108779Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-12T15:04:26.659Z"}}], "cna": {"title": "net: ipv4: fix memory leak in netlbl_cipsov4_add_std", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "96cb8e3313c7", "lessThan": "212166510582", "versionType": "git"}, {"status": "affected", "version": "96cb8e3313c7", "lessThan": "086e92b1d68c", "versionType": "git"}, {"status": "affected", "version": "96cb8e3313c7", "lessThan": "6dcea66d3bb5", "versionType": "git"}, {"status": "affected", "version": "96cb8e3313c7", "lessThan": "5340858147e3", "versionType": "git"}, {"status": "affected", "version": "96cb8e3313c7", "lessThan": "398a24447eb6", "versionType": "git"}, {"status": "affected", "version": "96cb8e3313c7", "lessThan": "deeeb65c6ee4", "versionType": "git"}, {"status": "affected", "version": "96cb8e3313c7", "lessThan": "0ffb460be3ab", "versionType": "git"}, {"status": "affected", "version": "96cb8e3313c7", "lessThan": "d612c3f3fae2", "versionType": "git"}], "programFiles": ["net/ipv4/cipso_ipv4.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.19"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.19", "versionType": "semver"}, {"status": "unaffected", "version": "4.4.274", "versionType": "semver", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.274", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.238", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.196", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.128", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.46", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.12.13", "versionType": "semver", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "semver", "lessThanOrEqual": "*"}], "programFiles": ["net/ipv4/cipso_ipv4.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4"}, {"url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c"}, {"url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f"}, {"url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66"}, {"url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1"}, {"url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663"}, {"url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4"}, {"url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc"}], "x_generator": {"engine": "bippy-c8e10e5f6187"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline]\n[<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline]\n[<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674\n[<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def->map.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T11:37:36.435Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47250", "state": "PUBLISHED", "dateUpdated": "2024-11-04T11:37:36.435Z", "dateReserved": "2024-04-10T18:59:19.537Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T14:19:46.886Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:32:07.879Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-47250 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-06-12T15:04:20.108779Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-12T15:04:26.659Z (string)

}

]

cna : { »

title : net: ipv4: fix memory leak in netlbl_cipsov4_add_std (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : 212166510582 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : 086e92b1d68c (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : 6dcea66d3bb5 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : 5340858147e3 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : 398a24447eb6 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : deeeb65c6ee4 (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : 0ffb460be3ab (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 96cb8e3313c7 (string)

lessThan : d612c3f3fae2 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : net/ipv4/cipso_ipv4.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 2.6.19 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 2.6.19 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.4.274 (string)

versionType : semver (string)

lessThanOrEqual : 4.4.* (string)

}

3 : { »

status : unaffected (string)

version : 4.9.274 (string)

versionType : semver (string)

lessThanOrEqual : 4.9.* (string)

}

4 : { »

status : unaffected (string)

version : 4.14.238 (string)

versionType : semver (string)

lessThanOrEqual : 4.14.* (string)

}

5 : { »

status : unaffected (string)

version : 4.19.196 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

6 : { »

status : unaffected (string)

version : 5.4.128 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

7 : { »

status : unaffected (string)

version : 5.10.46 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

8 : { »

status : unaffected (string)

version : 5.12.13 (string)

versionType : semver (string)

lessThanOrEqual : 5.12.* (string)

}

9 : { »

status : unaffected (string)

version : 5.13 (string)

versionType : semver (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : net/ipv4/cipso_ipv4.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c (string)

}

2 : { »

url : https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f (string)

}

3 : { »

url : https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (string)

}

6 : { »

url : https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc (string)

}

]

x_generator : { »

engine : bippy-c8e10e5f6187 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline] [<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline] [<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline] [<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416 [<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800 [<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504 [<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline] [<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340 [<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929 [<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline] [<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674 [<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350 [<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404 [<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433 [<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47 [<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae The memory of doi_def->map.std pointing is allocated in netlbl_cipsov4_add_std, but no place has freed it. It should be freed in cipso_v4_doi_free which frees the cipso DOI resource. (string)

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2024-11-04T11:37:36.435Z (string)

}

cveMetadata : { »

cveId : CVE-2021-47250 (string)

state : PUBLISHED (string)

dateUpdated : 2024-11-04T11:37:36.435Z (string)

dateReserved : 2024-04-10T18:59:19.537Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-21T14:19:46.886Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "78A0388D-0E2E-49EC-B4C3-1B049F186183", "versionEndExcluding": "4.4.274", "versionStartIncluding": "2.6.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A84D5BC-006F-41C5-A54D-6D45236009B3", "versionEndExcluding": "4.9.274", "versionStartIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C3C0DBBF-0923-4D2A-9178-134691F9933F", "versionEndExcluding": "4.14.238", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3CAB837-7D38-4934-AD4F-195CEFD754E6", "versionEndExcluding": "4.19.196", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6267BD4E-BE25-48B5-B850-4B493440DAFA", "versionEndExcluding": "5.4.128", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "59455D13-A902-42E1-97F7-5ED579777193", "versionEndExcluding": "5.10.46", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7806E7E5-6D4F-4E18-81C1-79B3C60EE855", "versionEndExcluding": "5.12.13", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*", "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*", "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*", "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*", "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:*", "matchCriteriaId": "CF351855-2437-4CF5-AD7C-BDFA51F27683", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:*", "matchCriteriaId": "25A855BA-2118-44F2-90EF-EBBB12AF51EF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\n\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline]\n[<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline]\n[<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674\n[<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae\n\nThe memory of doi_def->map.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ipv4: corrige la p\u00e9rdida de memoria en netlbl_cipsov4_add_std. Reportado por syzkaller: BUG: p\u00e9rdida de memoria objeto sin referencia 0xffff888105df7000 (tama\u00f1o 64): comm \"syz-executor842\", pid 360, jiffies 4294824824 ( edad 22,546 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [&lt;00000000e67ed558&gt;] kmalloc include/linux/slab.h:590 [en l\u00ednea] [&lt;00000000e67ed558&gt; ] kzalloc include/linux/slab.h:720 [en l\u00ednea] [&lt;00000000e67ed558&gt;] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [en l\u00ednea] [&lt;00000000e67ed558&gt;] netlbl_cipsov4_add+0x390/0x234 0 net/netlabel/netlabel_cipso_v4.c: 416 [&lt;0000000006040154&gt;] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [&lt;00000000204d7a1c&gt;] genl_family_rcv_msg net/netlink/genetlink.c:783 [en l\u00ednea] 00000204d7a1c&gt;] genl_rcv_msg+0x2bf /0x4f0 net/netlink/genetlink.c:800 [&lt;00000000c0d6a995&gt;] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504 [&lt;00000000d78b9d2c&gt;] genl_rcv+0x24/0x40 11 [ &lt;000000009733081b&gt;] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [en l\u00ednea] [&lt;000000009733081b&gt;] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340 [&lt;00000000d5fd43b8&gt;] enviar mensaje+0x789/0xc70 net/netlink/ af_netlink.c:1929 [&lt;000000000a2d1e40&gt;] sock_sendmsg_nosec net/socket.c:654 [en l\u00ednea] [&lt;000000000a2d1e40&gt;] sock_sendmsg+0x139/0x170 net/socket.c:674 [&lt;00000000321d19 69&gt;] ____sys_sendmsg+0x658/0x7d0 neto/ socket.c:2350 [&lt;00000000964e16bc&gt;] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404 [&lt;000000001615e288&gt;] __sys_sendmsg+0xd3/0x190 net/socket.c:2433 4ee8b6a5&gt;] do_syscall_64+0x37/0x90 arco /x86/entry/common.c:47 [&lt;00000000171c7cee&gt;] Entry_SYSCALL_64_after_hwframe+0x44/0xae La memoria de apuntamiento doi_def-&gt;map.std est\u00e1 asignada en netlbl_cipsov4_add_std, pero no se ha liberado ning\u00fan lugar. Debe liberarse en cipso_v4_doi_free, lo que libera el recurso cipso DOI."}], "id": "CVE-2021-47250", "lastModified": "2024-12-30T19:00:27.217", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-21T15:15:13.930", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 78A0388D-0E2E-49EC-B4C3-1B049F186183 (string)

versionEndExcluding : 4.4.274 (string)

versionStartIncluding : 2.6.19 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0A84D5BC-006F-41C5-A54D-6D45236009B3 (string)

versionEndExcluding : 4.9.274 (string)

versionStartIncluding : 4.5 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C3C0DBBF-0923-4D2A-9178-134691F9933F (string)

versionEndExcluding : 4.14.238 (string)

versionStartIncluding : 4.10 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : F3CAB837-7D38-4934-AD4F-195CEFD754E6 (string)

versionEndExcluding : 4.19.196 (string)

versionStartIncluding : 4.15 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 6267BD4E-BE25-48B5-B850-4B493440DAFA (string)

versionEndExcluding : 5.4.128 (string)

versionStartIncluding : 4.20 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 59455D13-A902-42E1-97F7-5ED579777193 (string)

versionEndExcluding : 5.10.46 (string)

versionStartIncluding : 5.5 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 7806E7E5-6D4F-4E18-81C1-79B3C60EE855 (string)

versionEndExcluding : 5.12.13 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:* (string)

matchCriteriaId : 0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:* (string)

matchCriteriaId : 96AC23B2-D46A-49D9-8203-8E1BEDCA8532 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:* (string)

matchCriteriaId : DA610E30-717C-4700-9F77-A3C9244F3BFD (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:* (string)

matchCriteriaId : 1ECD33F5-85BE-430B-8F86-8D7BD560311D (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc5:*:*:*:*:*:* (string)

matchCriteriaId : CF351855-2437-4CF5-AD7C-BDFA51F27683 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.13:rc6:*:*:*:*:*:* (string)

matchCriteriaId : 25A855BA-2118-44F2-90EF-EBBB12AF51EF (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline] [<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline] [<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline] [<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416 [<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800 [<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504 [<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline] [<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340 [<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929 [<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline] [<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674 [<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350 [<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404 [<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433 [<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47 [<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae The memory of doi_def->map.std pointing is allocated in netlbl_cipsov4_add_std, but no place has freed it. It should be freed in cipso_v4_doi_free which frees the cipso DOI resource. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: ipv4: corrige la pérdida de memoria en netlbl_cipsov4_add_std. Reportado por syzkaller: BUG: pérdida de memoria objeto sin referencia 0xffff888105df7000 (tamaño 64): comm "syz-executor842", pid 360, jiffies 4294824824 ( edad 22,546 s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [en línea] [<00000000e67ed558> ] kzalloc include/linux/slab.h:720 [en línea] [<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [en línea] [<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x234 0 net/netlabel/netlabel_cipso_v4.c: 416 [<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [en línea] 00000204d7a1c>] genl_rcv_msg+0x2bf /0x4f0 net/netlink/genetlink.c:800 [<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504 [<00000000d78b9d2c>] genl_rcv+0x24/0x40 11 [ <000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [en línea] [<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340 [<00000000d5fd43b8>] enviar mensaje+0x789/0xc70 net/netlink/ af_netlink.c:1929 [<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [en línea] [<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674 [<00000000321d19 69>] ____sys_sendmsg+0x658/0x7d0 neto/ socket.c:2350 [<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404 [<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433 4ee8b6a5>] do_syscall_64+0x37/0x90 arco /x86/entry/common.c:47 [<00000000171c7cee>] Entry_SYSCALL_64_after_hwframe+0x44/0xae La memoria de apuntamiento doi_def->map.std está asignada en netlbl_cipsov4_add_std, pero no se ha liberado ningún lugar. Debe liberarse en cipso_v4_doi_free, lo que libera el recurso cipso DOI. (string)

}

]

id : CVE-2021-47250 (string)

lastModified : 2024-12-30T19:00:27.217 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-05-21T15:15:13.930 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/086e92b1d68c6338535f715aad173f8cf4bfbc8c (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/0ffb460be3abac86f884a8c548bb02724ec370f4 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/212166510582631994be4f4b3fe15e10a03c1dd4 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/398a24447eb60f060c8994221cb5ae6caf355fa1 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5340858147e3dc60913fb3dd0cbb758ec4a26e66 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/6dcea66d3bb519b426282588f38e884e07893c1f (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/d612c3f3fae221e7ea736d196581c2217304bbbc (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/deeeb65c6ee404f2d1fb80b38b2730645c0f4663 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Analyzed (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-401 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: net: ipv4: fix memory leak in netlbl_cipsov4_add_std", "id": "2282562", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282562"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnet: ipv4: fix memory leak in netlbl_cipsov4_add_std\nReported by syzkaller:\nBUG: memory leak\nunreferenced object 0xffff888105df7000 (size 64):\ncomm \"syz-executor842\", pid 360, jiffies 4294824824 (age 22.546s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline]\n[<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline]\n[<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416\n[<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739\n[<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n[<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800\n[<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504\n[<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811\n[<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]\n[<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340\n[<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929\n[<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline]\n[<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674\n[<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350\n[<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404\n[<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433\n[<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47\n[<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae\nThe memory of doi_def->map.std pointing is allocated in\nnetlbl_cipsov4_add_std, but no place has freed it. It should be\nfreed in cipso_v4_doi_free which frees the cipso DOI resource."], "name": "CVE-2021-47250", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47250\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47250\nhttps://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47250-7fad@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: net: ipv4: fix memory leak in netlbl_cipsov4_add_std (string)

id : 2282562 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2282562 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 6.1 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L (string)

status : draft (string)

}

cwe : CWE-402 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix memory leak in netlbl_cipsov4_add_std Reported by syzkaller: BUG: memory leak unreferenced object 0xffff888105df7000 (size 64): comm "syz-executor842", pid 360, jiffies 4294824824 (age 22.546s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000e67ed558>] kmalloc include/linux/slab.h:590 [inline] [<00000000e67ed558>] kzalloc include/linux/slab.h:720 [inline] [<00000000e67ed558>] netlbl_cipsov4_add_std net/netlabel/netlabel_cipso_v4.c:145 [inline] [<00000000e67ed558>] netlbl_cipsov4_add+0x390/0x2340 net/netlabel/netlabel_cipso_v4.c:416 [<0000000006040154>] genl_family_rcv_msg_doit.isra.0+0x20e/0x320 net/netlink/genetlink.c:739 [<00000000204d7a1c>] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline] [<00000000204d7a1c>] genl_rcv_msg+0x2bf/0x4f0 net/netlink/genetlink.c:800 [<00000000c0d6a995>] netlink_rcv_skb+0x134/0x3d0 net/netlink/af_netlink.c:2504 [<00000000d78b9d2c>] genl_rcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009733081b>] netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline] [<000000009733081b>] netlink_unicast+0x4a0/0x6a0 net/netlink/af_netlink.c:1340 [<00000000d5fd43b8>] netlink_sendmsg+0x789/0xc70 net/netlink/af_netlink.c:1929 [<000000000a2d1e40>] sock_sendmsg_nosec net/socket.c:654 [inline] [<000000000a2d1e40>] sock_sendmsg+0x139/0x170 net/socket.c:674 [<00000000321d1969>] ____sys_sendmsg+0x658/0x7d0 net/socket.c:2350 [<00000000964e16bc>] ___sys_sendmsg+0xf8/0x170 net/socket.c:2404 [<000000001615e288>] __sys_sendmsg+0xd3/0x190 net/socket.c:2433 [<000000004ee8b6a5>] do_syscall_64+0x37/0x90 arch/x86/entry/common.c:47 [<00000000171c7cee>] entry_SYSCALL_64_after_hwframe+0x44/0xae The memory of doi_def->map.std pointing is allocated in netlbl_cipsov4_add_std, but no place has freed it. It should be freed in cipso_v4_doi_free which frees the cipso DOI resource. (string)

]

name : CVE-2021-47250 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-21T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-47250 https://nvd.nist.gov/vuln/detail/CVE-2021-47250 https://lore.kernel.org/linux-cve-announce/2024052144-CVE-2021-47250-7fad@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object