CVE-2021-47327 Affecting kernel-rt-kvm package, versions *
- Snyk ID SNYK-CENTOS8-KERNELRTKVM-6982544
- published 22 May 2024
- disclosed 21 May 2024
Introduced: 21 May 2024
CVE-2021-47327
How to fix?
There is no fixed version for Centos:8 kernel-rt-kvm.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-rt-kvm package and not the kernel-rt-kvm package as distributed by Centos. See How to fix? for Centos:8 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails
arm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases the refcount of the "smmu" even though the return value is less than 0.
The reference counting issue happens in some error handling paths of arm_smmu_rpm_get() in its caller functions. When arm_smmu_rpm_get() fails, the caller functions forget to decrease the refcount of "smmu" increased by arm_smmu_rpm_get(), causing a refcount leak.
Fix this issue by calling pm_runtime_resume_and_get() instead of pm_runtime_get_sync() in arm_smmu_rpm_get(), which can keep the refcount balanced in case of failure.
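The imbalance described above, as an added user-space C model (not kernel code and not part of the original advisory). The names model_dev, model_get_sync, model_resume_and_get, caller and leftover are hypothetical stand-ins that mimic only the usage-count behaviour of pm_runtime_get_sync() and pm_runtime_resume_and_get(), and -5 is a constructed error value.

```c
#include <stdio.h>
/* User-space model (constructed): one device's runtime-PM usage counter. */
struct model_dev {
    int usage_count;
    int resume_error;   /* 0 = resume works, negative = resume fails */
};
typedef int (*get_fn)(struct model_dev *);

/* Like pm_runtime_get_sync(): the count goes up even when an error is returned. */
static int model_get_sync(struct model_dev *d)
{
    d->usage_count++;
    return d->resume_error;
}

/* Like pm_runtime_resume_and_get(): on failure, undo the increment. */
static int model_resume_and_get(struct model_dev *d)
{
    int ret = model_get_sync(d);
    if (ret < 0)
        d->usage_count--;   /* the put that the leaky callers never did */
    return ret < 0 ? ret : 0;
}

/* Caller shaped like those in the description: early return on error, put only on success. */
static int caller(struct model_dev *d, get_fn get)
{
    int ret = get(d);
    if (ret < 0)
        return ret;         /* no put on this path */
    d->usage_count--;       /* normal put after the device work */
    return 0;
}

/* Usage count left behind after `calls` invocations of caller(). */
static int leftover(get_fn get, int resume_error, int calls)
{
    struct model_dev d = { 0, resume_error };
    for (int i = 0; i < calls; i++)
        caller(&d, get);
    return d.usage_count;
}

int main(void)
{
    printf("get_sync, resume fails:       %d\n", leftover(model_get_sync, -5, 3));
    printf("resume_and_get, resume fails: %d\n", leftover(model_resume_and_get, -5, 3));
    return 0;
}
```

Each failed call through the get_sync-style helper leaves one reference behind, so the count never returns to zero; with the resume_and_get-style helper the same caller stays balanced without any change to its error paths.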
References
- https://access.redhat.com/security/cve/CVE-2021-47327
- https://git.kernel.org/stable/c/1adf30f198c26539a62d761e45af72cde570413d
- https://git.kernel.org/stable/c/3761ae0d0e549f2acdaf11f49df4ed06d256b20f
- https://git.kernel.org/stable/c/c4007596fbdabc29f858dc2e1990858a146b60b2
- https://git.kernel.org/stable/c/fbf4daa6f4105e01fbd3868006f65c163365c1e3
- https://git.kernel.org/stable/c/fe92c058199067ae90cf2a901ddf3c271893557a