CVE-2021-47119

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47119
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47119.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-47119
Related
Published
2024-03-15T21:15:07Z
Modified
2024-09-18T01:00:21Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

ext4: fix memory leak in ext4fillsuper

Buffer head references must be released before calling killbdev(); otherwise the buffer head (and its page referenced by bdata) will not be freed by kill_bdev, and subsequently that bh will be leaked.

If blocksizes differ, sbsetblocksize() will kill current buffers and page cache by using killbdev(). And then super block will be reread again but using correct blocksize this time. sbset_blocksize() didn't fully free superblock page and buffer head, and being busy, they were not freed and instead leaked.

This can easily be reproduced by calling an infinite loop of:

systemctl start <ext4_on_lvm>.mount, and systemctl stop <ext4_on_lvm>.mount

... since systemd creates a cgroup for each slice which it mounts, and the bh leak get amplified by a dying memory cgroup that also never gets freed, and memory consumption is much more easily noticed.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.46-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.46-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.46-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}