Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2021-47054 |
CWE-ID | CWE-401 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software Subscribe |
Linux kernel Operating systems & Components / Operating system |
Vendor | Linux Foundation |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU91658
Risk: Low
CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-47054
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qcom_ebi2_probe() function in drivers/bus/qcom-ebi2.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsLinux kernel: All versions
External linkshttp://git.kernel.org/stable/c/a6191e91c10e50bd51db65a00e03d02b6b0cf8c4
http://git.kernel.org/stable/c/94810fc52925eb122a922df7f9966cf3f4ba7391
http://git.kernel.org/stable/c/a399dd80e697a02cfb23e2fc09b87849994043d9
http://git.kernel.org/stable/c/3a76ec28824c01b57aa1f0927841d75e4f167cb8
http://git.kernel.org/stable/c/00f6abd3509b1d70d0ab0fbe65ce5685cebed8be
http://git.kernel.org/stable/c/6b68c03dfc79cd95a58dfd03f91f6e82829a1b0c
http://git.kernel.org/stable/c/c6f8e0dc8da1cd78d640dee392071cc2326ec1b2
http://git.kernel.org/stable/c/ac6ad7c2a862d682bb584a4bc904d89fa7721af8
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.