Resource Leak Affecting kernel-rt-trace-devel package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-KERNELRTTRACEDEVEL-7002885
- published 22 May 2024
- disclosed 21 May 2024
Introduced: 21 May 2024
New CVE-2021-47405 Open this link in a new tabHow to fix?
There is no fixed version for Centos:7 kernel-rt-trace-devel.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-rt-trace-devel package and not the kernel-rt-trace-devel package as distributed by Centos.
See How to fix? for Centos:7 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
HID: usbhid: free raw_report buffers in usbhid_stop
Free the unsent raw_report buffers when the device is removed.
Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47
References
- https://access.redhat.com/security/cve/CVE-2021-47405
- https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81
- https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b
- https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030
- https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3
- https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae
- https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f
- https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de
- https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f