CVE-2021-47545 : In the Linux kernel, the following vulnerability has been resolved: perf hist:

In the Linux kernel, the following vulnerability has been resolved: perf hist: Fix memory leak of a perf_hpp_fmt perf_hpp__column_unregister() removes an entry from a list but doesn't free the memory causing a memory leak spotted by leak sanitizer. Add the free while at the same time reducing the scope of the function to static.

Published 2024-05-24 15:15:19

Updated 2024-06-10 18:31:10

Source Linux

View at NVD, CVE.org

Products affected by CVE-2021-47545

Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.15.7
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions before (<) 4.14.257
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.84
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.20 and before (<) 5.4.164
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.15 and before (<) 4.19.220
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47545

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 5 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47545

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2024-06-10
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-47545

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-47545

https://git.kernel.org/stable/c/0ca1f534a776cc7d42f2c33da4732b74ec2790cd

perf hist: Fix memory leak of a perf_hpp_fmt - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/c5c8a26c0dc69a400553245e92d741fe55f91095

perf hist: Fix memory leak of a perf_hpp_fmt - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/5b5c6f57a1f81499db4c8ea597898cb1b87de0b6

perf hist: Fix memory leak of a perf_hpp_fmt - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/b380d09e44e8479e71e3ae8446b515a5b3166244

perf hist: Fix memory leak of a perf_hpp_fmt - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/a4c17ebdd6249cb4e061358d3693383f6628e069

perf hist: Fix memory leak of a perf_hpp_fmt - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/24a139c105fa0f7f99888cf328bf6a02fc841675

perf hist: Fix memory leak of a perf_hpp_fmt - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47545

Products affected by CVE-2021-47545

Exploit prediction scoring system (EPSS) score for CVE-2021-47545

CVSS scores for CVE-2021-47545

CWE ids for CVE-2021-47545

References for CVE-2021-47545