| From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001 |
| From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| To: <linux-cve-announce@vger.kernel.org> |
| Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> |
| Subject: CVE-2021-47345: RDMA/cma: Fix rdma_resolve_route() memory leak |
| |
| Description |
| =========== |
| |
| In the Linux kernel, the following vulnerability has been resolved: |
| |
| RDMA/cma: Fix rdma_resolve_route() memory leak |
| |
| Fix a memory leak when "mda_resolve_route() is called more than once on |
| the same "rdma_cm_id". |
| |
| This is possible if cma_query_handler() triggers the |
| RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and |
| allows rdma_resolve_route() to be called again. |
| |
| The Linux kernel CVE team has assigned CVE-2021-47345 to this issue. |
| |
| |
| Affected and fixed versions |
| =========================== |
| |
| Fixed in 4.4.276 with commit 40b613db3a95bc27998e4097d74c2f7e5d083a0b |
| Fixed in 4.9.276 with commit e2da8ce2a9543f3ca5c93369bd1fe6eeb572101a |
| Fixed in 4.14.240 with commit e4e062da082a199357ba4911145f331d40139ad8 |
| Fixed in 4.19.198 with commit 4893c938f2a140a74be91779e45e4a7fa111198f |
| Fixed in 5.4.133 with commit 032c68b4f5be128a2167f35b558b7cec88fe4972 |
| Fixed in 5.10.51 with commit 3d08b5917984f737f32d5bee9737b9075c3895c6 |
| Fixed in 5.12.18 with commit f4f553d67236145fa5fd203ed7b35b9377e19939 |
| Fixed in 5.13.3 with commit 07583ba2e2d8947c3d365d97608cb436510885ac |
| Fixed in 5.14 with commit 74f160ead74bfe5f2b38afb4fcf86189f9ff40c9 |
| |
| Please see https://www.kernel.org for a full list of currently supported |
| kernel versions by the kernel community. |
| |
| Unaffected versions might change over time as fixes are backported to |
| older supported kernel versions. The official CVE entry at |
| https://cve.org/CVERecord/?id=CVE-2021-47345 |
| will be updated if fixes are backported, please check that for the most |
| up to date information about this issue. |
| |
| |
| Affected files |
| ============== |
| |
| The file(s) affected by this issue are: |
| drivers/infiniband/core/cma.c |
| |
| |
| Mitigation |
| ========== |
| |
| The Linux kernel CVE team recommends that you update to the latest |
| stable kernel version for this, and many other bugfixes. Individual |
| changes are never tested alone, but rather are part of a larger kernel |
| release. Cherry-picking individual commits is not recommended or |
| supported by the Linux kernel community at all. If however, updating to |
| the latest release is impossible, the individual changes to resolve this |
| issue can be found at these commits: |
| https://git.kernel.org/stable/c/40b613db3a95bc27998e4097d74c2f7e5d083a0b |
| https://git.kernel.org/stable/c/e2da8ce2a9543f3ca5c93369bd1fe6eeb572101a |
| https://git.kernel.org/stable/c/e4e062da082a199357ba4911145f331d40139ad8 |
| https://git.kernel.org/stable/c/4893c938f2a140a74be91779e45e4a7fa111198f |
| https://git.kernel.org/stable/c/032c68b4f5be128a2167f35b558b7cec88fe4972 |
| https://git.kernel.org/stable/c/3d08b5917984f737f32d5bee9737b9075c3895c6 |
| https://git.kernel.org/stable/c/f4f553d67236145fa5fd203ed7b35b9377e19939 |
| https://git.kernel.org/stable/c/07583ba2e2d8947c3d365d97608cb436510885ac |
| https://git.kernel.org/stable/c/74f160ead74bfe5f2b38afb4fcf86189f9ff40c9 |
