CVE-2021-47426 : In the Linux kernel, the following vulnerability has been resolved: bpf, s390:

In the Linux kernel, the following vulnerability has been resolved: bpf, s390: Fix potential memory leak about jit_data Make sure to free jit_data through kfree() in the error path.

Published 2024-05-21 15:15:28

Updated 2024-12-31 20:03:39

Source Linux

View at NVD, CVE.org

Products affected by CVE-2021-47426

Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.14.12
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.73
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.4 and before (<) 5.4.153
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC1
cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC2
cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC3
cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC4
cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47426

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47426

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2024-12-31
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-47426

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-47426

https://git.kernel.org/stable/c/d590a410e472417a22336c7c37685bfb38e801f2

bpf, s390: Fix potential memory leak about jit_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/a326f9c01cfbee4450ae49ce618ae6cbc0f76842

bpf, s390: Fix potential memory leak about jit_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/29fdb11ca88d3c490a3d56f0dc77eb9444d086be

bpf, s390: Fix potential memory leak about jit_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/686cb8b9f6b46787f035afe8fbd132a74e6b1bdd

bpf, s390: Fix potential memory leak about jit_data - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47426

Products affected by CVE-2021-47426

Exploit prediction scoring system (EPSS) score for CVE-2021-47426

CVSS scores for CVE-2021-47426

CWE ids for CVE-2021-47426

References for CVE-2021-47426