Bugzilla – Bug 1225469
VUL-0: REJECTED: CVE-2021-47545: kernel: perf hist: Fix memory leak of a perf_hpp_fmt
Last modified: 2024-06-14 09:55:53 UTC
In the Linux kernel, the following vulnerability has been resolved: perf hist: Fix memory leak of a perf_hpp_fmt perf_hpp__column_unregister() removes an entry from a list but doesn't free the memory causing a memory leak spotted by leak sanitizer. Add the free while at the same time reducing the scope of the function to static. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47545 https://www.cve.org/CVERecord?id=CVE-2021-47545 https://git.kernel.org/stable/c/0ca1f534a776cc7d42f2c33da4732b74ec2790cd https://git.kernel.org/stable/c/24a139c105fa0f7f99888cf328bf6a02fc841675 https://git.kernel.org/stable/c/5b5c6f57a1f81499db4c8ea597898cb1b87de0b6 https://git.kernel.org/stable/c/a4c17ebdd6249cb4e061358d3693383f6628e069 https://git.kernel.org/stable/c/b380d09e44e8479e71e3ae8446b515a5b3166244 https://git.kernel.org/stable/c/c5c8a26c0dc69a400553245e92d741fe55f91095 https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2021/CVE-2021-47545.mbox https://bugzilla.redhat.com/show_bug.cgi?id=2283404
same as bsc#1225456 again this is userspace code. short duration at that. Are we going to get a CVE for every userspace memory leak (tools/perf) if so that is going to be a problem as there are lots of them. I don't view their severity as anywhere near as serious as a kernel leak.
CVE is now REJECTED. https://lore.kernel.org/linux-cve-announce/2024061308-REJECTED-36c5@gregkh/ Thanks all.