Resource Leak Affecting kernel-devel package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-KERNELDEVEL-7004005
- published 22 May 2024
- disclosed 21 May 2024
Introduced: 21 May 2024
CVE-2021-47425 Open this link in a new tabHow to fix?
There is no fixed version for Centos:7
kernel-devel
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-devel
package and not the kernel-devel
package as distributed by Centos
.
See How to fix?
for Centos:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
i2c: acpi: fix resource leak in reconfiguration device addition
acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes a reference on the adapter which is never released which will result in a reference count leak and render the adapter unremovable. Make sure to put the adapter after creating the client in the same manner that we do for OF.
[wsa: fixed title]
References
- https://access.redhat.com/security/cve/CVE-2021-47425
- https://git.kernel.org/stable/c/3d9d458a8aaafa47268ea4f1b4114a9f12927989
- https://git.kernel.org/stable/c/60bacf259e8c2eb2324f3e13275200baaee9494b
- https://git.kernel.org/stable/c/6558b646ce1c2a872fe1c2c7cb116f05a2c1950f
- https://git.kernel.org/stable/c/90f1077c9184ec2ae9989e4642f211263f301694
- https://git.kernel.org/stable/c/b8090a84d7758b929d348bafbd86bb7a10c5fb63
- https://git.kernel.org/stable/c/f86de018fd7a24ee07372d55ffa7824f0c674a95