CVE-2021-47105

Public Exploit
ice: xsk: return xsk buffers back to pool when cleaning the ring

Description

In the Linux kernel, the following vulnerability has been resolved: ice: xsk: return xsk buffers back to pool when cleaning the ring Currently we only NULL the xdp_buff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can be leaked out of the buff pool and never be used again. Add missing xsk_buff_free() call to the routine that is supposed to clean the entries that are left in the ring so that these buffers in the umem can be used by other sockets. Also, only go through the space that is actually left to be cleaned instead of a whole ring.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/ad6d20da2cfbe14b7b1200d15f39e65988b0b9e8 patch mailing list exploit
https://git.kernel.org/stable/c/afe8a3ba85ec2a6b6849367e25c06a2f8e0ddd05 patch mailing list exploit

Frequently Asked Questions

What is the severity of CVE-2021-47105?
CVE-2021-47105 has been scored as a medium severity vulnerability.
How to fix CVE-2021-47105?
To fix CVE-2021-47105, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-47105 being actively exploited in the wild?
It is possible that CVE-2021-47105 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-47105?
CVE-2021-47105 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.