How severe is CVE-2021-47119?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-47119?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2021-47119

MEDIUM Year: 2021

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-401

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_fill_super Buffer head references must be released before calling kill_bdev(); otherwise the buffer head (and its page referenced by b_data) will not be freed by kill_bdev, and subsequently that bh will be leaked. If blocksizes differ, sb_set_blocksize() will kill current buffers and page cache by using kill_bdev(). And then super block will be reread again but using correct blocksize this time. sb_set_blocksize() didn't fully free superblock page and buffer head, and being busy, they were not freed and instead leaked. This can easily be reproduced by calling an infinite loop of: systemctl start <ext4_on_lvm>.mount, and systemctl stop <ext4_on_lvm>.mount ... since systemd creates a cgroup for each slice which it mounts, and the bh leak get amplified by a dying memory cgroup that also never gets freed, and memory consumption is much more easily noticed.

CVE-2010-2942

MEDIUM

CVSS:5.5(Medium)

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which all...

CWE-4012010

CVE-2017-9060

MEDIUM

CVSS:5.5(Medium)

Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large num...

CWE-4012017

CVE-2017-9373

MEDIUM

CVSS:5.5(Medium)

Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugg...

CWE-4012017

CVE-2017-9374

MEDIUM

CVSS:5.5(Medium)

Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugg...

CWE-4012017

CVE-2019-10649

MEDIUM

CVSS:5.5(Medium)

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

CWE-4012019

CVE-2019-11463

MEDIUM

CVSS:5.5(Medium)

A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a H...

CWE-4012019

CVE-2021-47119

Vulnerability Description

Related Vulnerabilities

CVE-2010-2942

CVE-2017-9060

CVE-2017-9373

CVE-2017-9374

CVE-2019-10649

CVE-2019-11463