CVE-2021-46968
MEDIUMLinux Kernel < 5.10.36 - Memory Leak
Title source: ruleDescription
In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix zcard and zqueue hot-unplug memleak Tests with kvm and a kmemdebug kernel showed, that on hot unplug the zcard and zqueue structs for the unplugged card or queue are not properly freed because of a mismatch with get/put for the embedded kref counter. This fix now adjusts the handling of the kref counters. With init the kref counter starts with 1. This initial value needs to drop to zero with the unregister of the card or queue to trigger the release and free the object.
References (4)
Scores
CVSS v3
5.5
EPSS
0.0001
EPSS Percentile
3.0%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Classification
CWE
CWE-401
Status
published
Affected Products (1)
linux/linux_kernel
< 5.10.36
Timeline
Published
Feb 27, 2024
Tracked Since
Feb 18, 2026