CVE-2021-47438: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path Prior to this patch in case mlx5_core_destroy_cq() failed it returns without completing all destroy operations and that leads to memory leak. Instead, complete the destroy flow before return error. Also move mlx5_debug_cq_remove() to the beginning of mlx5_core_destroy_cq() to be symmetrical with mlx5_core_create_cq(). kmemleak complains on: unreferenced object 0xc000000038625100 (size 64): comm "ethtool", pid 28301, jiffies 4298062946 (age 785.380s) hex dump (first 32 bytes): 60 01 48 94 00 00 00 c0 b8 05 34 c3 00 00 00 c0 `.H.......4..... 02 00 00 00 00 00 00 00 00 db 7d c1 00 00 00 c0 ..........}..... backtrace: [<000000009e8643cb>] add_res_tree+0xd0/0x270 [mlx5_core] [<00000000e7cb8e6c>] mlx5_debug_cq_add+0x5c/0xc0 [mlx5_core] [<000000002a12918f>] mlx5_core_create_cq+0x1d0/0x2d0 [mlx5_core] [<00000000cef0a696>] mlx5e_create_cq+0x210/0x3f0 [mlx5_core] [<000000009c642c26>] mlx5e_open_cq+0xb4/0x130 [mlx5_core] [<0000000058dfa578>] mlx5e_ptp_open+0x7f4/0xe10 [mlx5_core] [<0000000081839561>] mlx5e_open_channels+0x9cc/0x13e0 [mlx5_core] [<0000000009cf05d4>] mlx5e_switch_priv_channels+0xa4/0x230 [mlx5_core] [<0000000042bbedd8>] mlx5e_safe_switch_params+0x14c/0x300 [mlx5_core] [<0000000004bc9db8>] set_pflag_tx_port_ts+0x9c/0x160 [mlx5_core] [<00000000a0553443>] mlx5e_set_priv_flags+0xd0/0x1b0 [mlx5_core] [<00000000a8f3d84b>] ethnl_set_privflags+0x234/0x2d0 [<00000000fd27f27c>] genl_family_rcv_msg_doit+0x108/0x1d0 [<00000000f495e2bb>] genl_family_rcv_msg+0xe4/0x1f0 [<00000000646c5c2c>] genl_rcv_msg+0x78/0x120 [<00000000d53e384e>] netlink_rcv_skb+0x74/0x1a0
AI Analysis
Technical Summary
CVE-2021-47438 is a vulnerability identified in the Linux kernel specifically related to the Mellanox mlx5_core driver, which is used for managing Mellanox network interface cards (NICs). The issue arises in the mlx5_core_destroy_cq() function, which is responsible for destroying completion queues (CQs) used in the network driver. Prior to the patch, if mlx5_core_destroy_cq() encountered an error, it would return prematurely without completing all necessary destroy operations, resulting in a memory leak. This incomplete cleanup could lead to unreferenced memory objects accumulating over time, as reported by kernel memory leak detection tools such as kmemleak. The patch fixes this by ensuring the destroy flow is fully completed before returning an error and by reordering the mlx5_debug_cq_remove() call to the beginning of mlx5_core_destroy_cq() to maintain symmetry with the creation flow. The vulnerability does not appear to allow direct code execution or privilege escalation but causes resource leakage in the kernel memory space. The technical details include a backtrace showing the call stack leading to the leak, involving functions related to CQ creation and destruction within the mlx5_core driver. This vulnerability affects Linux kernel versions containing the affected commit hashes referenced and is relevant to systems using Mellanox NICs with the mlx5 driver. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2021-47438 primarily concerns the stability and reliability of Linux systems using Mellanox network cards. Memory leaks in kernel drivers can degrade system performance over time, potentially leading to resource exhaustion, degraded network throughput, or even system crashes if the leak is severe and persistent. This can affect critical infrastructure, data centers, cloud providers, and enterprises relying on high-performance networking hardware. While the vulnerability does not directly compromise confidentiality or integrity, the availability of affected systems may be impaired, impacting business continuity and service delivery. Organizations with large-scale deployments of Linux servers using Mellanox NICs, especially in networking, telecommunications, and HPC environments, are at higher risk. The absence of known exploits reduces immediate threat but does not eliminate the risk of future exploitation or operational issues caused by the leak.
Mitigation Recommendations
To mitigate CVE-2021-47438, European organizations should: 1) Apply the official Linux kernel patches that fix the mlx5_core_destroy_cq() memory leak as soon as they become available from trusted Linux distributions or kernel maintainers. 2) Monitor system logs and kernel memory leak detection tools (e.g., kmemleak) for signs of memory leaks related to mlx5_core to identify affected systems proactively. 3) Implement regular system reboots or driver reloads as a temporary workaround to clear leaked memory if patching is delayed. 4) Evaluate the necessity of using Mellanox mlx5-based NICs and consider alternative hardware or drivers if the environment is highly sensitive to stability issues. 5) Maintain up-to-date firmware and driver versions from Mellanox to ensure compatibility with kernel patches. 6) For critical systems, conduct thorough testing of kernel updates in staging environments to avoid unintended disruptions. These steps go beyond generic advice by focusing on proactive detection, hardware considerations, and operational workarounds specific to this vulnerability.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark, Ireland
CVE-2021-47438: Vulnerability in Linux Linux
Description
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix memory leak in mlx5_core_destroy_cq() error path Prior to this patch in case mlx5_core_destroy_cq() failed it returns without completing all destroy operations and that leads to memory leak. Instead, complete the destroy flow before return error. Also move mlx5_debug_cq_remove() to the beginning of mlx5_core_destroy_cq() to be symmetrical with mlx5_core_create_cq(). kmemleak complains on: unreferenced object 0xc000000038625100 (size 64): comm "ethtool", pid 28301, jiffies 4298062946 (age 785.380s) hex dump (first 32 bytes): 60 01 48 94 00 00 00 c0 b8 05 34 c3 00 00 00 c0 `.H.......4..... 02 00 00 00 00 00 00 00 00 db 7d c1 00 00 00 c0 ..........}..... backtrace: [<000000009e8643cb>] add_res_tree+0xd0/0x270 [mlx5_core] [<00000000e7cb8e6c>] mlx5_debug_cq_add+0x5c/0xc0 [mlx5_core] [<000000002a12918f>] mlx5_core_create_cq+0x1d0/0x2d0 [mlx5_core] [<00000000cef0a696>] mlx5e_create_cq+0x210/0x3f0 [mlx5_core] [<000000009c642c26>] mlx5e_open_cq+0xb4/0x130 [mlx5_core] [<0000000058dfa578>] mlx5e_ptp_open+0x7f4/0xe10 [mlx5_core] [<0000000081839561>] mlx5e_open_channels+0x9cc/0x13e0 [mlx5_core] [<0000000009cf05d4>] mlx5e_switch_priv_channels+0xa4/0x230 [mlx5_core] [<0000000042bbedd8>] mlx5e_safe_switch_params+0x14c/0x300 [mlx5_core] [<0000000004bc9db8>] set_pflag_tx_port_ts+0x9c/0x160 [mlx5_core] [<00000000a0553443>] mlx5e_set_priv_flags+0xd0/0x1b0 [mlx5_core] [<00000000a8f3d84b>] ethnl_set_privflags+0x234/0x2d0 [<00000000fd27f27c>] genl_family_rcv_msg_doit+0x108/0x1d0 [<00000000f495e2bb>] genl_family_rcv_msg+0xe4/0x1f0 [<00000000646c5c2c>] genl_rcv_msg+0x78/0x120 [<00000000d53e384e>] netlink_rcv_skb+0x74/0x1a0
AI-Powered Analysis
Technical Analysis
CVE-2021-47438 is a vulnerability identified in the Linux kernel specifically related to the Mellanox mlx5_core driver, which is used for managing Mellanox network interface cards (NICs). The issue arises in the mlx5_core_destroy_cq() function, which is responsible for destroying completion queues (CQs) used in the network driver. Prior to the patch, if mlx5_core_destroy_cq() encountered an error, it would return prematurely without completing all necessary destroy operations, resulting in a memory leak. This incomplete cleanup could lead to unreferenced memory objects accumulating over time, as reported by kernel memory leak detection tools such as kmemleak. The patch fixes this by ensuring the destroy flow is fully completed before returning an error and by reordering the mlx5_debug_cq_remove() call to the beginning of mlx5_core_destroy_cq() to maintain symmetry with the creation flow. The vulnerability does not appear to allow direct code execution or privilege escalation but causes resource leakage in the kernel memory space. The technical details include a backtrace showing the call stack leading to the leak, involving functions related to CQ creation and destruction within the mlx5_core driver. This vulnerability affects Linux kernel versions containing the affected commit hashes referenced and is relevant to systems using Mellanox NICs with the mlx5 driver. No known exploits are reported in the wild, and no CVSS score has been assigned yet.
Potential Impact
For European organizations, the impact of CVE-2021-47438 primarily concerns the stability and reliability of Linux systems using Mellanox network cards. Memory leaks in kernel drivers can degrade system performance over time, potentially leading to resource exhaustion, degraded network throughput, or even system crashes if the leak is severe and persistent. This can affect critical infrastructure, data centers, cloud providers, and enterprises relying on high-performance networking hardware. While the vulnerability does not directly compromise confidentiality or integrity, the availability of affected systems may be impaired, impacting business continuity and service delivery. Organizations with large-scale deployments of Linux servers using Mellanox NICs, especially in networking, telecommunications, and HPC environments, are at higher risk. The absence of known exploits reduces immediate threat but does not eliminate the risk of future exploitation or operational issues caused by the leak.
Mitigation Recommendations
To mitigate CVE-2021-47438, European organizations should: 1) Apply the official Linux kernel patches that fix the mlx5_core_destroy_cq() memory leak as soon as they become available from trusted Linux distributions or kernel maintainers. 2) Monitor system logs and kernel memory leak detection tools (e.g., kmemleak) for signs of memory leaks related to mlx5_core to identify affected systems proactively. 3) Implement regular system reboots or driver reloads as a temporary workaround to clear leaked memory if patching is delayed. 4) Evaluate the necessity of using Mellanox mlx5-based NICs and consider alternative hardware or drivers if the environment is highly sensitive to stability issues. 5) Maintain up-to-date firmware and driver versions from Mellanox to ensure compatibility with kernel patches. 6) For critical systems, conduct thorough testing of kernel updates in staging environments to avoid unintended disruptions. These steps go beyond generic advice by focusing on proactive detection, hardware considerations, and operational workarounds specific to this vulnerability.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- Linux
- Date Reserved
- 2024-05-21T14:58:30.831Z
- Cisa Enriched
- true
- Cvss Version
- null
- State
- PUBLISHED
Threat ID: 682d9833c4522896dcbe9132
Added to database: 5/21/2025, 9:09:07 AM
Last enriched: 6/30/2025, 1:10:11 PM
Last updated: 8/14/2025, 2:01:43 AM
Views: 15
Related Threats
CVE-2025-7390: CWE-295 Improper Certificate Validation in Softing Industrial Automation GmbH OPC UA C++ SDK
CriticalCVE-2025-53505: Improper limitation of a pathname to a restricted directory ('Path Traversal') in Intermesh BV Group-Office
MediumCVE-2025-53504: Cross-site scripting (XSS) in Intermesh BV Group-Office
MediumCVE-2025-48355: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere in ProveSource LTD ProveSource Social Proof
MediumCVE-2025-57832
LowActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.