VIR Vulnerability Intelligence Relay

CVE-2021-47295

unknown
Published — · Modified —
CVSS v3
VIR risk

Description

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in tcindex_set_parms(). The problem was in non-freed perfect hash in tcindex_partial_destroy_work(). In tcindex_set_parms() new tcindex_data is allocated and some fields from old one are copied to new one, but not the perfect hash. Since tcindex_partial_destroy_work() is the destroy function for old tcindex_data, we need to free perfect hash to avoid memory leak.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

OS impact
OSVersionStatusFixed in
suse slesaffected
debian debianbookwormfixed5.14.6-1
debian debianbullseyefixed5.10.70-1
debian debianforkyfixed5.14.6-1
debian debiansidfixed5.14.6-1
debian debiantrixiefixed5.14.6-1

References

💬 Discuss CVE-2021-47295 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.