vulnerability

Debian: CVE-2021-46968: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	02/27/2024	07/30/2024	01/28/2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

02/27/2024

Added

07/30/2024

Modified

01/28/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

s390/zcrypt: fix zcard and zqueue hot-unplug memleak

Tests with kvm and a kmemdebug kernel showed, that on hot unplug the
zcard and zqueue structs for the unplugged card or queue are not
properly freed because of a mismatch with get/put for the embedded
kref counter.

This fix now adjusts the handling of the kref counters. With init the
kref counter starts with 1. This initial value needs to drop to zero
with the unregister of the card or queue to trigger the release and
free the object.

Solution

debian-upgrade-linux

References

CVE-2021-46968
https://attackerkb.com/topics/CVE-2021-46968

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today