CVE-2021-47258
📋 TL;DR
This CVE describes a memory leak vulnerability in the Linux kernel's SCSI subsystem. When scsi_host_alloc() fails during device initialization, improper cleanup leads to kernel memory leaks. This affects all Linux systems using SCSI storage devices.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could cause kernel memory exhaustion leading to system instability, crashes, or denial of service.
Likely Case
Gradual memory consumption over time causing performance degradation, particularly on systems with frequent SCSI device initialization failures.
If Mitigated
With proper patching, no impact beyond normal system operation.
🎯 Exploit Status
Requires ability to trigger SCSI device initialization failures, typically requiring local access or specific conditions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Multiple stable kernel versions with commits: 2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a, 45d83db4728127944b237c0c8248987df9d478e7, 66a834d092930cf41d809c0e989b13cd6f9ca006, 79296e292d67fa7b5fb8d8c27343683e823872c8, 7a696ce1d5d16a33a6cd6400bbcc0339b2460e11
Vendor Advisory: https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable SCSI device hotplug
linuxPrevent new SCSI devices from being initialized to avoid triggering the vulnerable code path
echo 'blacklist scsi_mod' > /etc/modprobe.d/disable-scsi.conf
update-initramfs -u
🧯 If You Can't Patch
- Monitor system memory usage for unusual increases
- Restrict local user access to prevent potential exploitation
🔍 How to Verify
Check if Vulnerable:
Check kernel version and compare with patched versions from kernel git repositoryCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes one of the fix commits: 2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a or related patches📡 Detection & Monitoring
Log Indicators:
- Kernel oom-killer messages
- System memory exhaustion warnings
- SCSI device initialization failures in dmesg
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("Out of memory" OR "oom-killer" OR "SCSI" AND "failed")🔗 References
- https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a
- https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7
- https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006
- https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8
- https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11
- https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a
- https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66
- https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a
- https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7
- https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006
- https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8
- https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11
- https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a
- https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66
