CVE-2021-29649: 
CBL Mariner vulnerability analysis and mitigation

CVE-2021-29649 is a memory leak vulnerability discovered in the Linux kernel versions before 5.11.11. The issue exists in the user mode driver (UMD) implementation, specifically related to a copyprocess() memory leak due to lack of cleanup steps in kernel/usermodedriver.c and kernel/bpf/preload/bpfpreloadkern.c (NVD).

The vulnerability stems from improper resource cleanup in the UMD implementation. When the UMD process exits, resources including pipetoumh, pipefromumh, and tgid were not being properly released, leading to memory leaks. The issue was assigned a CVSS v3.1 Base Score of 5.5 (Medium) with vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can be exploited by a local attacker to cause a denial of service condition through memory exhaustion. The memory leak occurs when the user mode driver process exits without proper cleanup of allocated resources (Fedora).

The vulnerability was fixed in Linux kernel version 5.11.11 by adding proper cleanup steps for UMD resources. The fix includes releasing pipetoumh, pipefromumh, and tgid when the UMD process exits. Users should upgrade to kernel version 5.11.11 or later to address this vulnerability (Linux Kernel).