Main Vulnerability Database SB2024040860

SB2024040860 - Denial of service in Linux kernel

Published: April 8, 2024 Updated: May 14, 2025

Security Bulletin ID SB2024040860

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Memory leak (CVE-ID: CVE-2021-46923)

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak within the SYSCALL_DEFINE5() function in fs/namespace.c. A local user can perform a denial of service attack.

Remediation

Install update from vendor's website.

References

https://git.kernel.org/stable/c/47b5d0a7532d39e42a938f81e3904268145c341d
https://git.kernel.org/stable/c/012e332286e2bb9f6ac77d195f17e74b2963d663
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.13
https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16