CVE-2021-47058
regmap: set debugfs_name to NULL after it is freed
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
regmap: set debugfs_name to NULL after it is freed
There is a upstream commit cffa4b2122f5("regmap:debugfs:
Fix a memory leak when calling regmap_attach_dev") that
adds a if condition when create name for debugfs_name.
With below function invoking logical, debugfs_name is
freed in regmap_debugfs_exit(), but it is not created again
because of the if condition introduced by above commit.
regmap_reinit_cache()
regmap_debugfs_exit()
...
regmap_debugfs_init()
So, set debugfs_name to NULL after it is freed.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: regmap: establece debugfs_name en NULL después de liberarlo. Hay una confirmación ascendente cffa4b2122f5("regmap:debugfs: corrige una pérdida de memoria al llamar a regmap_attach_dev") que agrega una condición if al crear nombre para debugfs_name. Con la siguiente función que invoca lógica, debugfs_name se libera en regmap_debugfs_exit(), pero no se vuelve a crear debido a la condición if introducida por la confirmación anterior. regmap_reinit_cache() regmap_debugfs_exit() ... regmap_debugfs_init() Entonces, establezca debugfs_name en NULL después de liberarlo.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-29 CVE Reserved
- 2024-02-29 CVE Published
- 2024-03-01 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/5b654b03007917f3f1015b2a5c288c1ea6ae8f65 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/480c5e9c7e4c76c01d5f1f7b73832d7b77e6b427 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/c9698380b01aed3281160d3ab25749b57d6913b8 | Vuln. Introduced | |
| https://git.kernel.org/stable/c/cffa4b2122f5f3e53cf3d529bbc74651f95856d5 | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 4.19.168 < 4.19.191 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.168 < 4.19.191" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.4.90 < 5.4.119 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.90 < 5.4.119" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.10.8 < 5.10.37 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.8 < 5.10.37" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.11.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.11.21" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.12.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.12.4" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.11 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.13" | en |
Affected
| ||||||