vulnerability
Debian: CVE-2021-47438: linux -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | 05/22/2024 | 07/30/2024 | 01/30/2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path
Prior to this patch in case mlx5_core_destroy_cq() failed it returns
without completing all destroy operations and that leads to memory leak.
Instead, complete the destroy flow before return error.
Also move mlx5_debug_cq_remove() to the beginning of mlx5_core_destroy_cq()
to be symmetrical with mlx5_core_create_cq().
kmemleak complains on:
unreferenced object 0xc000000038625100 (size 64):
comm "ethtool", pid 28301, jiffies 4298062946 (age 785.380s)
hex dump (first 32 bytes):
60 01 48 94 00 00 00 c0 b8 05 34 c3 00 00 00 c0 `.H.......4.....
02 00 00 00 00 00 00 00 00 db 7d c1 00 00 00 c0 ..........}.....
backtrace:
[] add_res_tree+0xd0/0x270 [mlx5_core]
[] mlx5_debug_cq_add+0x5c/0xc0 [mlx5_core]
[] mlx5_core_create_cq+0x1d0/0x2d0 [mlx5_core]
[] mlx5e_create_cq+0x210/0x3f0 [mlx5_core]
[] mlx5e_open_cq+0xb4/0x130 [mlx5_core]
[] mlx5e_ptp_open+0x7f4/0xe10 [mlx5_core]
[ [] mlx5e_switch_priv_channels+0xa4/0x230
[mlx5_core]
[] mlx5e_safe_switch_params+0x14c/0x300
[mlx5_core]
[] set_pflag_tx_port_ts+0x9c/0x160 [mlx5_core]
[] mlx5e_set_priv_flags+0xd0/0x1b0 [mlx5_core]
[] ethnl_set_privflags+0x234/0x2d0
[] genl_family_rcv_msg_doit+0x108/0x1d0
[] genl_family_rcv_msg+0xe4/0x1f0
[] genl_rcv_msg+0x78/0x120
[] netlink_rcv_skb+0x74/0x1a0
Solution
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.