nvd-json-data-feeds/CVE-2021/CVE-2021-476xx/CVE-2021-47624.json

{
  "id": "CVE-2021-47624",
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "published": "2024-07-16T12:15:02.553",
  "lastModified": "2024-11-21T06:36:41.900",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change\n\nThe refcount leak issues take place in an error handling path. When the\n3rd argument buf doesn't match with \"offline\", \"online\" or \"remove\", the\nfunction simply returns -EINVAL and forgets to decrease the reference\ncount of a rpc_xprt object and a rpc_xprt_switch object increased by\nrpc_sysfs_xprt_kobj_get_xprt() and\nrpc_sysfs_xprt_kobj_get_xprt_switch(), causing reference count leaks of\nboth unused objects.\n\nFix this issue by jumping to the error handling path labelled with\nout_put when buf matches none of \"offline\", \"online\" or \"remove\"."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net/sunrpc: corrige fugas de recuento de referencias en rpc_sysfs_xprt_state_change Los problemas de fugas de recuento tienen lugar en una ruta de manejo de errores. Cuando el tercer argumento buf no coincide con \"fuera de l\u00ednea\", \"en l\u00ednea\" o \"eliminar\", la funci\u00f3n simplemente devuelve -EINVAL y se olvida de disminuir el recuento de referencias de un objeto rpc_xprt y un objeto rpc_xprt_switch aumentado en rpc_sysfs_xprt_kobj_get_xprt() y rpc_sysfs_xprt_kobj_get_xprt_switch (), lo que provoca fugas en el recuento de referencias de ambos objetos no utilizados. Solucione este problema saltando a la ruta de manejo de errores etiquetada con out_put cuando buf no coincida con \"fuera de l\u00ednea\", \"en l\u00ednea\" o \"eliminar\"."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionEndExcluding": "5.15.24",
              "matchCriteriaId": "9064E0A6-C05B-4161-9FB1-A2CC0F00A07A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "versionStartIncluding": "5.16",
              "versionEndExcluding": "5.16.10",
              "matchCriteriaId": "679523BA-1392-404B-AB85-F5A5408B1ECC"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Mailing List",
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Mailing List",
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18",
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Mailing List",
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/4b22aa42bd4d2d630ef1854c139275c3532937cb",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/5f6024c05a2c0fdd180b29395aaf686d25af3a0f",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch"
      ]
    },
    {
      "url": "https://git.kernel.org/stable/c/776d794f28c95051bc70405a7b1fa40115658a18",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch"
      ]
    }
  ]
}