SB2024053064 - Memory leak in Linux kernel nfs

Description

This security bulletin contains information about 1 security vulnerability.

1) Memory leak (CVE-ID: CVE-2021-47320)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the nfs3_proc_create() and nfs3_proc_mknod() functions in fs/nfs/nfs3proc.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/2e3960f276b4574a9bb0dfa31a7497302f6363b2
• https://git.kernel.org/stable/c/cef9d9acb7c80ed6bace894b6334557fd493863b
• https://git.kernel.org/stable/c/8a2b308a54c5ec224fedc753617f99b29ffcd883
• https://git.kernel.org/stable/c/0704f617040c397ae73c1f88f3956787ec5d6529
• https://git.kernel.org/stable/c/d0b32dc1409f7e65e4fcc34e236462268e69a357
• https://git.kernel.org/stable/c/4b515308ab875c7e8ada8e606fe0c64762da5ed4
• https://git.kernel.org/stable/c/c8fc86e9df6a6a03f5a8e15a3b7a5c75fd05aa38
• https://git.kernel.org/stable/c/687cf32865b2d6960214bce523f2afac58dd3cd2
• https://git.kernel.org/stable/c/1fcb6fcd74a222d9ead54d405842fc763bb86262
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.240
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.134