CVE-2021-46937

unknown

Published — · Modified —

CVSS v3

—

CVSS v2

—

VIR risk

—

Description

In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfs_target_ids_write()' DAMON debugfs interface increases the reference counts of 'struct pid's for targets from the 'target_ids' file write callback ('dbgfs_target_ids_write()'), but decreases the counts only in DAMON monitoring termination callback ('dbgfs_before_terminate()'). Therefore, when 'target_ids' file is repeatedly written without DAMON monitoring start/termination, the reference count is not decreased and therefore memory for the 'struct pid' cannot be freed. This commit fixes this issue by decreasing the reference counts when 'target_ids' is written.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2021-46937

OS impact

OS	Version	Status	Fixed in
debian	bookworm	fixed	`5.15.15-1`
debian	bullseye	affected
debian	forky	fixed	`5.15.15-1`
debian	sid	fixed	`5.15.15-1`
debian	trixie	fixed	`5.15.15-1`

References

https://security-tracker.debian.org/tracker/CVE-2021-46937

Verify integrity in audit chain (admin only). AS-IS.