Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

Vulnerability IntelligenceCVE-2021-47345

CVE-2021-47345

MEDIUM5.5

RDMA/cma: Fix rdma_resolve_route() memory leak

Published May 21, 2024

Modified 3 months ago

Details

In the Linux kernel, the following vulnerability has been resolved:

RDMA/cma: Fix rdma_resolve_route() memory leak

Fix a memory leak when "mda_resolve_route() is called more than once on the same "rdma_cm_id".

This is possible if cma_query_handler() triggers the RDMA_CM_EVENT_ROUTE_ERROR flow which puts the state machine back and allows rdma_resolve_route() to be called again.

References

WEB

https://git.kernel.org/stable/c/032c68b4f5be128a2167f35b558b7cec88fe4972

WEB

https://git.kernel.org/stable/c/07583ba2e2d8947c3d365d97608cb436510885ac

WEB

https://git.kernel.org/stable/c/3d08b5917984f737f32d5bee9737b9075c3895c6

WEB

https://git.kernel.org/stable/c/40b613db3a95bc27998e4097d74c2f7e5d083a0b

WEB

https://git.kernel.org/stable/c/4893c938f2a140a74be91779e45e4a7fa111198f

WEB

https://git.kernel.org/stable/c/74f160ead74bfe5f2b38afb4fcf86189f9ff40c9

WEB

https://git.kernel.org/stable/c/e2da8ce2a9543f3ca5c93369bd1fe6eeb572101a

WEB

https://git.kernel.org/stable/c/e4e062da082a199357ba4911145f331d40139ad8

WEB

https://git.kernel.org/stable/c/f4f553d67236145fa5fd203ed7b35b9377e19939

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2021-47345

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedMay 21, 2024

ModifiedDec 18, 2025

CVE-2021-47345 | Mondoo Vulnerability Intelligence