How severe is CVE-2021-47214?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-47214?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2021-47214

MEDIUM Year: 2021

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-401

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if we bail out using "goto out_release_unlock;" in the cases where idx >= size, or !huge_pte_none(), the code will detect that new_pagecache_page == false, and so call restore_reserve_on_error(). In this case I see restore_reserve_on_error() delete the reservation, and the following call to remove_inode_hugepages() will increment h->resv_hugepages causing a 100% reproducible leak. We should treat the is_continue case similar to adding a page into the pagecache and set new_pagecache_page to true, to indicate that there is no reservation to restore on the error path, and we need not call restore_reserve_on_error(). Rename new_pagecache_page to page_in_pagecache to make that clear.

CVE-2010-2942

MEDIUM

CVSS:5.5(Medium)

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which all...

CWE-4012010

CVE-2017-9060

MEDIUM

CVSS:5.5(Medium)

Memory leak in the virtio_gpu_set_scanout function in hw/display/virtio-gpu.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (memory consumption) via a large num...

CWE-4012017

CVE-2017-9373

MEDIUM

CVSS:5.5(Medium)

Memory leak in QEMU (aka Quick Emulator), when built with IDE AHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugg...

CWE-4012017

CVE-2017-9374

MEDIUM

CVSS:5.5(Medium)

Memory leak in QEMU (aka Quick Emulator), when built with USB EHCI Emulation support, allows local guest OS privileged users to cause a denial of service (memory consumption) by repeatedly hot-unplugg...

CWE-4012017

CVE-2019-10649

MEDIUM

CVSS:5.5(Medium)

In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.

CWE-4012019

CVE-2019-11463

MEDIUM

CVSS:5.5(Medium)

A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive 3.3.4-dev allows remote attackers to cause a denial of service via a crafted ZIP file because of a H...

CWE-4012019

CVE-2021-47214

Vulnerability Description

Related Vulnerabilities

CVE-2010-2942

CVE-2017-9060

CVE-2017-9373

CVE-2017-9374

CVE-2019-10649

CVE-2019-11463