CVE-2021-47624

Updated: 2024-11-23 02:07:50.00246

Description:

In the Linux kernel, the following vulnerability has been resolved: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change The refcount leak issues take place in an error handling path. When the 3rd argument buf doesn't match with "offline", "online" or "remove", the function simply returns -EINVAL and forgets to decrease the reference count of a rpc_xprt object and a rpc_xprt_switch object increased by rpc_sysfs_xprt_kobj_get_xprt() and rpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of both unused objects. Fix this issue by jumping to the error handling path labelled with out_put when buf matches none of "offline", "online" or "remove".


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x HIGH 7.1

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 7.1 HIGH Already Fixed 2024-11-14 03:02:23
AlmaLinux 9.2 FIPS kernel 5.14.0 7.1 HIGH Already Fixed 2024-11-14 03:02:26
CentOS 6 ELS kernel 2.6.32 7.1 HIGH Not Vulnerable 2024-11-01 03:50:59
CentOS 7 ELS kernel 3.10.0 7.1 HIGH Not Vulnerable 2024-11-01 03:50:57
CentOS 8.4 ELS kernel 4.18.0 7.1 HIGH Not Vulnerable 2024-11-01 03:50:57
CentOS 8.5 ELS kernel 4.18.0 7.1 HIGH Not Vulnerable 2024-11-01 03:50:57
CentOS Stream 8 ELS kernel 4.18.0 7.1 HIGH Released CLSA-2024:1731431756 2024-11-12 13:45:32
CloudLinux 6 ELS kernel 2.6.32 7.1 HIGH Not Vulnerable 2024-11-01 03:50:57
CloudLinux 7 ELS kernel 3.10.0 7.1 HIGH Not Vulnerable 2024-11-01 03:50:57
Oracle Linux 6 ELS kernel 2.6.32 7.1 HIGH Not Vulnerable 2024-11-01 03:50:57
Total: 12