CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/dbgfs: fix ‘struct pid’ leaks in ‘dbgfs_target_ids_write()’ DAMON
debugfs interface increases the reference counts of 'struct pid’s for
targets from the ‘target_ids’ file write callback
(‘dbgfs_target_ids_write()’), but decreases the counts only in DAMON
monitoring termination callback (‘dbgfs_before_terminate()’). Therefore,
when ‘target_ids’ file is repeatedly written without DAMON monitoring
start/termination, the reference count is not decreased and therefore
memory for the ‘struct pid’ cannot be freed. This commit fixes this issue
by decreasing the reference counts when ‘target_ids’ is written.
git.kernel.org/linus/ebb3f994dd92f8fb4d70c7541091216c1e10cb71 (5.16-rc8)
git.kernel.org/stable/c/ebb3f994dd92f8fb4d70c7541091216c1e10cb71
git.kernel.org/stable/c/ffe4a1ba1a82c416a6b3a09d46594f6a885ae141
launchpad.net/bugs/cve/CVE-2021-46937
nvd.nist.gov/vuln/detail/CVE-2021-46937
security-tracker.debian.org/tracker/CVE-2021-46937
www.cve.org/CVERecord?id=CVE-2021-46937