Bugzilla – Bug 1222708
VUL-0: CVE-2021-47190: kernel: perf bpf: Avoid memory leak from perf_env__insert_btf()
Last modified: 2024-04-29 11:30:24 UTC
In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perf_env__insert_btf() perf_env__insert_btf() doesn't insert if a duplicate BTF id is encountered and this causes a memory leak. Modify the function to return a success/error value and then free the memory if insertion didn't happen. v2. Adds a return -1 when the insertion error occurs in perf_env__fetch_btf. This doesn't affect anything as the result is never checked. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47190 https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2021/CVE-2021-47190.mbox https://git.kernel.org/stable/c/642fc22210a5e59d40b1e4d56d21ec3effd401f2 https://git.kernel.org/stable/c/11589d3144bc4e272e0aae46ce8156162e99babc https://git.kernel.org/stable/c/ab7c3d8d81c511ddfb27823fb07081c96422b56e https://git.kernel.org/stable/c/4924b1f7c46711762fd0e65c135ccfbcfd6ded1f https://www.cve.org/CVERecord?id=CVE-2021-47190 https://bugzilla.redhat.com/show_bug.cgi?id=2274619
This is already in SP5 via git-fixes but prior to SP6 we don't maintain userspace packages in kernel-git, rather the userspace package. Mon Dec 6 21:34:58 UTC 2021 - Tony Jones <tonyj@suse.com> - Apply latest git-fixes reported against kernel-source: - ASan reports memory leaks while running: New patch: perf-bench-Fix-two-memory-leaks-detected-with-ASan.patch >>>> - Resolve memory leak in BPF when attempting to insert duplicate id's >>>> New patch: perf-bpf-Avoid-memory-leak-from-perf_env__insert_btf.patch - Resolve failure to execute zstd test on !s390 systems New patch: perf-tests-Remove-bash-construct-from-record-zstd_comp_decomp.sh.patch $ grep 'Git-commit:' perf-bpf-Avoid-memory-leak-from-perf_env__insert_btf.patch Git-commit: 4924b1f7c46711762fd0e65c135ccfbcfd6ded1f