Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perf_env__insert_btf() perf_env__insert_btf() doesn't insert if a duplicate BTF id is encountered and this causes a memory leak. Modify the function to return a success/error value and then free the memory if insertion didn't happen. v2. Adds a return -1 when the insertion error occurs in perf_env__fetch_btf. This doesn't affect anything as the result is never checked.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 5.1, < 5.4.162 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/11589d3144bc4e272e0aae46ce8156162e99babcPatch
- https://git.kernel.org/stable/c/4924b1f7c46711762fd0e65c135ccfbcfd6ded1fPatch
- https://git.kernel.org/stable/c/642fc22210a5e59d40b1e4d56d21ec3effd401f2Patch
- https://git.kernel.org/stable/c/ab7c3d8d81c511ddfb27823fb07081c96422b56ePatch
- https://git.kernel.org/stable/c/11589d3144bc4e272e0aae46ce8156162e99babcPatch
- https://git.kernel.org/stable/c/4924b1f7c46711762fd0e65c135ccfbcfd6ded1fPatch
- https://git.kernel.org/stable/c/642fc22210a5e59d40b1e4d56d21ec3effd401f2Patch
- https://git.kernel.org/stable/c/ab7c3d8d81c511ddfb27823fb07081c96422b56ePatch
FAQ
What is CVE-2021-47190?
CVE-2021-47190 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perf_env__insert_btf() perf_env__insert_btf() doesn't insert if a duplicate BTF id is encountered...
How severe is CVE-2021-47190?
CVE-2021-47190 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-47190?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.