vulnerability
Amazon Linux AMI 2: CVE-2021-46956: Security patch for kernel (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 02/27/2024 | 05/28/2024 | 01/30/2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
virtiofs: fix memory leak in virtio_fs_probe()
When accidentally passing twice the same tag to qemu, kmemleak ended up
reporting a memory leak in virtiofs. Also, looking at the log I saw the
following error (that's when I realised the duplicated tag):
virtiofs: probe of virtio5 failed with error -17
Here's the kmemleak log for reference:
unreferenced object 0xffff888103d47800 (size 1024):
comm "systemd-udevd", pid 118, jiffies 4294893780 (age 18.340s)
hex dump (first 32 bytes):
00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
ff ff ff ff ff ff ff ff 80 90 02 a0 ff ff ff ff ................
backtrace:
[] virtio_fs_probe+0x171/0x7ae [virtiofs]
[] virtio_dev_probe+0x15f/0x210
[] really_probe+0xea/0x430
[] device_driver_attach+0xa8/0xb0
[] __driver_attach+0x98/0x140
[] bus_for_each_dev+0x7b/0xc0
[] bus_add_driver+0x11b/0x1f0
[] driver_register+0x8f/0xe0
[] 0xffffffffa002c013
[] do_one_initcall+0x64/0x2e0
[] do_init_module+0x5c/0x260
[] __do_sys_finit_module+0xb5/0x120
[] do_syscall_64+0x33/0x40
[] entry_SYSCALL_64_after_hwframe+0x44/0xae
Solution(s)
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.