CVE-2021-47325 : In the Linux kernel, the following vulnerability has been resolved: iommu/arm-s

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation The reference counting issue happens in several exception handling paths of arm_smmu_iova_to_phys_hard(). When those error scenarios occur, the function forgets to decrease the refcount of "smmu" increased by arm_smmu_rpm_get(), causing a refcount leak. Fix this issue by jumping to "out" label when those error scenarios occur.

Published 2024-05-21 14:35:38

Updated 2025-01-13 20:04:48

Source Linux

View at NVD, CVE.org

Products affected by CVE-2021-47325

Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.12.19
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.52
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 5.4.134
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.13 and before (<) 5.13.4
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47325

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47325

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2025-01-13
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

References for CVE-2021-47325

https://git.kernel.org/stable/c/0f0c5ea09139777d90729d408b807021f2ea6492

iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/7c8f176d6a3fa18aa0f8875da6f7c672ed2a8554

iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/5f9741a9a91f25c89e04b408cd61e3ab050ce24b

iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/b11220803ad14a2a880cc06d8e01fe2548cc85b0

iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/43d1aaa1965f9b58035196dac49b1e1e6c9c25eb

iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47325

Products affected by CVE-2021-47325

Exploit prediction scoring system (EPSS) score for CVE-2021-47325

CVSS scores for CVE-2021-47325

References for CVE-2021-47325