CVE-2021-47058

regmap: set debugfs_name to NULL after it is freed

Severity Score

5.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfs_name to NULL after it is freed There is a upstream commit cffa4b2122f5("regmap:debugfs:
Fix a memory leak when calling regmap_attach_dev") that
adds a if condition when create name for debugfs_name.
With below function invoking logical, debugfs_name is
freed in regmap_debugfs_exit(), but it is not created again
because of the if condition introduced by above commit.
regmap_reinit_cache() regmap_debugfs_exit() ... regmap_debugfs_init()
So, set debugfs_name to NULL after it is freed.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: regmap: establece debugfs_name en NULL después de liberarlo. Hay una confirmación ascendente cffa4b2122f5("regmap:debugfs: corrige una pérdida de memoria al llamar a regmap_attach_dev") que agrega una condición if al crear nombre para debugfs_name. Con la siguiente función que invoca lógica, debugfs_name se libera en regmap_debugfs_exit(), pero no se vuelve a crear debido a la condición if introducida por la confirmación anterior. regmap_reinit_cache() regmap_debugfs_exit() ... regmap_debugfs_init() Entonces, establezca debugfs_name en NULL después de liberarlo.

In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfs_name to NULL after it is freed There is a upstream commit cffa4b2122f5("regmap:debugfs: Fix a memory leak when calling regmap_attach_dev") that adds a if condition when create name for debugfs_name. With below function invoking logical, debugfs_name is freed in regmap_debugfs_exit(), but it is not created again because of the if condition introduced by above commit. regmap_reinit_cache() regmap_debugfs_exit() ... regmap_debugfs_init() So, set debugfs_name to NULL after it is freed.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Multiple

Confidentiality

Partial

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-29 CVE Reserved
2024-02-29 CVE Published
2024-12-17 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/5b654b03007917f3f1015b2a5c288c1ea6ae8f65	Vuln. Introduced
https://git.kernel.org/stable/c/480c5e9c7e4c76c01d5f1f7b73832d7b77e6b427	Vuln. Introduced
https://git.kernel.org/stable/c/c9698380b01aed3281160d3ab25749b57d6913b8	Vuln. Introduced
https://git.kernel.org/stable/c/cffa4b2122f5f3e53cf3d529bbc74651f95856d5	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2dc1554d5f0fdaf47cc5bea442b84b9226fea867	2021-05-22
https://git.kernel.org/stable/c/d8897f7b2283a500666c85ef06e820df38ed7b52	2021-05-14
https://git.kernel.org/stable/c/eb949f891226c012138ffd9df90d1e509f428ae6	2021-05-14
https://git.kernel.org/stable/c/c764e375ae647832de1ee73d43a4bb3ef8a8f43d	2021-05-14
https://git.kernel.org/stable/c/b9e569ae1da3a113b3acee8703c94777fd20938a	2021-05-14
https://git.kernel.org/stable/c/e41a962f82e7afb5b1ee644f48ad0b3aee656268	2021-03-10

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.19.168 < 4.19.191 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.19.168 < 4.19.191"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.4.90 < 5.4.119 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.4.90 < 5.4.119"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.10.8 < 5.10.37 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.10.8 < 5.10.37"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.11 < 5.11.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.11.21"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.11 < 5.12.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.12.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.11 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.13"		en		Affected