CVE-2021-47538

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's rxrpc subsystem. When the kernel fails to properly release a local reference in the rxrpc_lookup_peer() function, it can lead to resource exhaustion. This affects systems running vulnerable Linux kernel versions with the rxrpc module loaded.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific vulnerable kernel versions referenced in the git commits (need to check which kernel releases contain these commits)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if rxrpc module is loaded/used. Many distributions don't load this module by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴

Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.

🟠

Likely Case

Memory leak gradually consumes kernel resources, potentially leading to performance degradation or system instability over time.

🟢

If Mitigated

With proper monitoring and resource limits, impact is limited to potential performance issues rather than complete system failure.

🌐 Internet-Facing: LOW - This requires local access or ability to trigger specific kernel functions, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the memory leak, affecting system stability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to trigger rxrpc functionality and local access. Memory leaks are generally harder to weaponize than direct code execution vulnerabilities.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing the referenced git commits: 3e70e3a72d80b16094faccbe438cd53761c3503a and related commits

Vendor Advisory: https://git.kernel.org/stable/c/3e70e3a72d80b16094faccbe438cd53761c3503a

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits.
2. Check with your distribution for specific patched kernel packages.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Unload rxrpc module

linux

If rxrpc functionality is not needed, unload the module to prevent vulnerability exposure

sudo rmmod rxrpc

Blacklist rxrpc module

linux

Prevent rxrpc module from loading automatically

echo 'blacklist rxrpc' | sudo tee /etc/modprobe.d/blacklist-rxrpc.conf

🧯 If You Can't Patch

  • Monitor kernel memory usage and system stability metrics
  • Implement strict access controls to limit who can trigger rxrpc functionality

🔍 How to Verify

Check if Vulnerable:

Check if rxrpc module is loaded: lsmod | grep rxrpc. If loaded, check kernel version against affected versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to one containing the fix commits, and confirm rxrpc module behavior doesn't cause memory leaks.
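
The check and workaround above, combined into one script. This is an added example, not part of the original advisory. It matches the module name exactly, because `lsmod | grep rxrpc` also matches modules that merely list rxrpc as a user. The function names and the `install rxrpc /bin/false` form are assumptions that do not appear on this page.

```shell
#!/bin/sh
# Added example: classify rxrpc exposure on a host.
# Inputs default to the live system but can point at sample files.

# rxrpc_loaded FILE: succeed if FILE (format of /proc/modules) lists a module
# whose name is exactly "rxrpc". Lines for other modules that only mention
# rxrpc in their "used by" column are ignored.
rxrpc_loaded() {
    awk '$1 == "rxrpc" { found = 1 } END { exit !found }' "$1" 2>/dev/null
}

# rxrpc_blocked DIR: succeed if any *.conf in DIR has an active (uncommented)
# "blacklist rxrpc" line, as in the workaround above. "blacklist" only stops
# alias-based autoloading; an explicit "modprobe rxrpc" still works, so the
# stricter "install rxrpc /bin/false" form (not from this page) is accepted too.
rxrpc_blocked() {
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        awk '$1 == "blacklist" && $2 == "rxrpc" { ok = 1 }
             $1 == "install" && $2 == "rxrpc" && $3 == "/bin/false" { ok = 1 }
             END { exit !ok }' "$f" && return 0
    done
    return 1
}

# rxrpc_exposure [MODULES_FILE] [MODPROBE_DIR]: print one of
#   loaded    module is in the running kernel; compare `uname -r` with the fix
#   blocked   not loaded, and autoloading is disabled by configuration
#   loadable  not loaded, but nothing prevents it from being loaded later
rxrpc_exposure() {
    modules=${1:-/proc/modules}
    confdir=${2:-/etc/modprobe.d}
    if rxrpc_loaded "$modules"; then
        echo "loaded"
    elif rxrpc_blocked "$confdir"; then
        echo "blocked"
    else
        echo "loadable"
    fi
}

# Report on the current host, or on the files given as arguments.
rxrpc_exposure "$@"
```

A result of `loaded` on an unpatched kernel means the blacklist file alone is not enough until the module is unloaded or the system is rebooted.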

📡 Detection & Monitoring

Log Indicators:

  • Kernel oom-killer events
  • System instability logs
  • Memory pressure warnings in dmesg

Network Indicators:

  • Unusual rxrpc traffic patterns if module is in use

SIEM Query:

source="kernel" AND ("out of memory" OR "oom-killer" OR "memory pressure")
