Memory Leak Affecting kernel-debuginfo package, versions <0:4.14.238-182.421.amzn2
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-AMZN2-KERNELDEBUGINFO-7678676
- published 14 Aug 2024
- disclosed 29 Feb 2024
Introduced: 29 Feb 2024
CVE-2021-47054 Open this link in a new tabHow to fix?
Upgrade Amazon-Linux:2 kernel-debuginfo to version 0:4.14.238-182.421.amzn2 or higher.
This issue was patched in ALAS2-2021-1685.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-debuginfo package and not the kernel-debuginfo package as distributed by Amazon-Linux.
See How to fix? for Amazon-Linux:2 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
bus: qcom: Put child node before return
Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro for_each_available_child_of_node() and should be decremented manually if the loop is broken in loop body.
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47054
- https://git.kernel.org/stable/c/00f6abd3509b1d70d0ab0fbe65ce5685cebed8be
- https://git.kernel.org/stable/c/3a76ec28824c01b57aa1f0927841d75e4f167cb8
- https://git.kernel.org/stable/c/6b68c03dfc79cd95a58dfd03f91f6e82829a1b0c
- https://git.kernel.org/stable/c/94810fc52925eb122a922df7f9966cf3f4ba7391
- https://git.kernel.org/stable/c/a399dd80e697a02cfb23e2fc09b87849994043d9
- https://git.kernel.org/stable/c/a6191e91c10e50bd51db65a00e03d02b6b0cf8c4
- https://git.kernel.org/stable/c/ac6ad7c2a862d682bb584a4bc904d89fa7721af8
- https://git.kernel.org/stable/c/c6f8e0dc8da1cd78d640dee392071cc2326ec1b2