CVE-2021-47249
📋 TL;DR
This vulnerability is a memory leak in the Linux kernel's RDS (Reliable Datagram Sockets) implementation. When rds_cmsg_recv() fails during message processing, the kernel fails to decrement a reference count, causing memory to be permanently allocated and unavailable for reuse. This affects any Linux system using RDS networking.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.
Likely Case
Gradual memory consumption over time leading to performance degradation and eventual system instability requiring reboot.
If Mitigated
Minimal impact if RDS is not used or system has ample memory resources with monitoring in place.
🎯 Exploit Status
Exploitation requires ability to trigger RDS message processing with conditions that cause rds_cmsg_recv() to fail. This is a local DoS vulnerability, not remote code execution.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 06b7cb0194bd1ede0dd27f3a946e7c0279fba44a, 1f79bc8ae81c05eb112a53f981cb2c244ee50d02, 2038cd15eacdf7512755c27686822e0052eb9042, 423c6939758fb3b9cf5abbd1e7792068a5c4ae8c, 49bfcbfd989a8f1f23e705759a6bb099de2cff9f
Vendor Advisory: https://git.kernel.org/stable/c/06b7cb0194bd1ede0dd27f3a946e7c0279fba44a
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check your distribution's security advisories for specific patched kernel versions. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable RDS module
linuxPrevent loading of RDS kernel module if not required
echo 'install rds /bin/false' >> /etc/modprobe.d/disable-rds.conf
rmmod rds
Blacklist RDS module
linuxBlacklist RDS module to prevent automatic loading
echo 'blacklist rds' >> /etc/modprobe.d/blacklist-rds.conf
🧯 If You Can't Patch
- Disable RDS protocol if not required for system functionality
- Implement memory monitoring and alerting for abnormal kernel memory consumption
🔍 How to Verify
Check if Vulnerable:
Check if RDS module is loaded: lsmod | grep rds. Check kernel version against distribution's security advisories.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits. Check with: uname -r and compare with patched versions from distribution.📡 Detection & Monitoring
Log Indicators:
- Kernel oom-killer messages
- System logs showing memory exhaustion
- dmesg output showing memory allocation failures
Network Indicators:
- Unusual RDS traffic patterns if monitoring is enabled
SIEM Query:
source="kernel" AND ("out of memory" OR "oom-killer" OR "memory allocation failure")🔗 References
- https://git.kernel.org/stable/c/06b7cb0194bd1ede0dd27f3a946e7c0279fba44a
- https://git.kernel.org/stable/c/1f79bc8ae81c05eb112a53f981cb2c244ee50d02
- https://git.kernel.org/stable/c/2038cd15eacdf7512755c27686822e0052eb9042
- https://git.kernel.org/stable/c/423c6939758fb3b9cf5abbd1e7792068a5c4ae8c
- https://git.kernel.org/stable/c/49bfcbfd989a8f1f23e705759a6bb099de2cff9f
- https://git.kernel.org/stable/c/5946fbf48355f5a8caeff72580c7658da5966b86
- https://git.kernel.org/stable/c/8c3ec88b03e9e4ca117dcdc4204fd3edcd02084f
- https://git.kernel.org/stable/c/b25b60d076164edb3025e85aabd2cf50a5215b91
- https://git.kernel.org/stable/c/06b7cb0194bd1ede0dd27f3a946e7c0279fba44a
- https://git.kernel.org/stable/c/1f79bc8ae81c05eb112a53f981cb2c244ee50d02
- https://git.kernel.org/stable/c/2038cd15eacdf7512755c27686822e0052eb9042
- https://git.kernel.org/stable/c/423c6939758fb3b9cf5abbd1e7792068a5c4ae8c
- https://git.kernel.org/stable/c/49bfcbfd989a8f1f23e705759a6bb099de2cff9f
- https://git.kernel.org/stable/c/5946fbf48355f5a8caeff72580c7658da5966b86
- https://git.kernel.org/stable/c/8c3ec88b03e9e4ca117dcdc4204fd3edcd02084f
- https://git.kernel.org/stable/c/b25b60d076164edb3025e85aabd2cf50a5215b91
