vulnerability

SUSE: CVE-2021-46956: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
02/27/2024
Added
08/09/2024
Modified
01/28/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

virtiofs: fix memory leak in virtio_fs_probe()

When accidentally passing twice the same tag to qemu, kmemleak ended up
reporting a memory leak in virtiofs. Also, looking at the log I saw the
following error (that's when I realised the duplicated tag):

virtiofs: probe of virtio5 failed with error -17

Here's the kmemleak log for reference:

unreferenced object 0xffff888103d47800 (size 1024):
comm "systemd-udevd", pid 118, jiffies 4294893780 (age 18.340s)
hex dump (first 32 bytes):
00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
ff ff ff ff ff ff ff ff 80 90 02 a0 ff ff ff ff ................
backtrace:
[] virtio_fs_probe+0x171/0x7ae [virtiofs]
[] virtio_dev_probe+0x15f/0x210
[] really_probe+0xea/0x430
[] device_driver_attach+0xa8/0xb0
[] __driver_attach+0x98/0x140
[] bus_for_each_dev+0x7b/0xc0
[] bus_add_driver+0x11b/0x1f0
[] driver_register+0x8f/0xe0
[] 0xffffffffa002c013
[] do_one_initcall+0x64/0x2e0
[] do_init_module+0x5c/0x260
[] __do_sys_finit_module+0xb5/0x120
[] do_syscall_64+0x33/0x40
[] entry_SYSCALL_64_after_hwframe+0x44/0xae

Solution(s)

suse-upgrade-kernel-64kbsuse-upgrade-kernel-64kb-develsuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-basesuse-upgrade-kernel-default-develsuse-upgrade-kernel-develsuse-upgrade-kernel-docssuse-upgrade-kernel-macrossuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-preemptsuse-upgrade-kernel-preempt-develsuse-upgrade-kernel-sourcesuse-upgrade-kernel-symssuse-upgrade-kernel-zfcpdumpsuse-upgrade-reiserfs-kmp-default

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today