CVE-2021-47190
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
10/04/2024
Last modified:
07/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
perf bpf: Avoid memory leak from perf_env__insert_btf()<br />
<br />
perf_env__insert_btf() doesn&#39;t insert if a duplicate BTF id is<br />
encountered and this causes a memory leak. Modify the function to return<br />
a success/error value and then free the memory if insertion didn&#39;t<br />
happen.<br />
<br />
v2. Adds a return -1 when the insertion error occurs in<br />
perf_env__fetch_btf. This doesn&#39;t affect anything as the result is<br />
never checked.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.1 (including) | 5.4.162 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.82 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.5 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/11589d3144bc4e272e0aae46ce8156162e99babc
- https://git.kernel.org/stable/c/4924b1f7c46711762fd0e65c135ccfbcfd6ded1f
- https://git.kernel.org/stable/c/642fc22210a5e59d40b1e4d56d21ec3effd401f2
- https://git.kernel.org/stable/c/ab7c3d8d81c511ddfb27823fb07081c96422b56e
- https://git.kernel.org/stable/c/11589d3144bc4e272e0aae46ce8156162e99babc
- https://git.kernel.org/stable/c/4924b1f7c46711762fd0e65c135ccfbcfd6ded1f
- https://git.kernel.org/stable/c/642fc22210a5e59d40b1e4d56d21ec3effd401f2
- https://git.kernel.org/stable/c/ab7c3d8d81c511ddfb27823fb07081c96422b56e