First published: Fri Mar 15 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: sch_htb: fix refcount leak in htb_parent_to_leaf_offload The commit ae81feb7338c ("sch_htb: fix null pointer dereference on a null new_q") fixes a NULL pointer dereference bug, but it is not correct. Because htb_graft_helper properly handles the case when new_q is NULL, and after the previous patch by skipping this call which creates an inconsistency : dev_queue->qdisc will still point to the old qdisc, but cl->parent->leaf.q will point to the new one (which will be noop_qdisc, because new_q was NULL). The code is based on an assumption that these two pointers are the same, so it can lead to refcount leaks. The correct fix is to add a NULL pointer check to protect qdisc_refcount_inc inside htb_parent_to_leaf_offload.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | >=5.12<5.12.10 | |
Linux Kernel | =5.13-rc1 | |
Linux Kernel | =5.13-rc2 | |
Linux Kernel | =5.13-rc3 | |
Linux Kernel | =5.13-rc4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-47125 is classified as a medium severity vulnerability.
To address CVE-2021-47125, it is recommended to update the Linux kernel to a version above 5.12.10.
CVE-2021-47125 affects specific versions of the Linux kernel up to 5.12.10 and certain 5.13 release candidates.
CVE-2021-47125 is a reference count leak vulnerability in the Linux kernel's HTB (Hierarchical Token Bucket) scheduler.
As of now, there is no public indication that CVE-2021-47125 is being actively exploited in the wild.