// For flags

CVE-2021-47133

HID: amd_sfh: Fix memory leak in amd_sfh_work

Severity Score

"-"
*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

In the Linux kernel, the following vulnerability has been resolved:

HID: amd_sfh: Fix memory leak in amd_sfh_work

Kmemleak tool detected a memory leak in the amd_sfh driver.

====================
unreferenced object 0xffff88810228ada0 (size 32):
comm "insmod", pid 3968, jiffies 4295056001 (age 775.792s)
hex dump (first 32 bytes):
00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de . s.............
22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00 "...............
backtrace:
[<000000007b4c8799>] kmem_cache_alloc_trace+0x163/0x4f0
[<0000000005326893>] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh]
[<000000002a9e5ec4>] amdtp_hid_request+0x62/0x80 [amd_sfh]
[<00000000b8a95807>] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub]
[<00000000fda054ee>] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common]
[<0000000021279ecf>] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d]
[<00000000915760ce>] platform_probe+0x6a/0xd0
[<0000000060258a1f>] really_probe+0x192/0x620
[<00000000fa812f2d>] driver_probe_device+0x14a/0x1d0
[<000000005e79f7fd>] __device_attach_driver+0xbd/0x110
[<0000000070d15018>] bus_for_each_drv+0xfd/0x160
[<0000000013a3c312>] __device_attach+0x18b/0x220
[<000000008c7b4afc>] device_initial_probe+0x13/0x20
[<00000000e6e99665>] bus_probe_device+0xfe/0x120
[<00000000833fa90b>] device_add+0x6a6/0xe00
[<00000000fa901078>] platform_device_add+0x180/0x380
====================

The fix is to freeing request_list entry once the processed entry is
removed from the request_list.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: amd_sfh: Reparar pérdida de memoria en amd_sfh_work La herramienta Kmemleak detectó una pérdida de memoria en el controlador amd_sfh. ==================== objeto sin referencia 0xffff88810228ada0 (tamaño 32): comm "insmod", pid 3968, jiffies 4295056001 (edad 775,792 s) volcado hexadecimal (primeros 32 bytes) : 00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de . s................. 22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00 "................. retroceso: [&lt; 000000007b4c8799&gt;] kmem_cache_alloc_trace+0x163/0x4f0 [&lt;0000000005326893&gt;] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh] [&lt;000000002a9e5ec4&gt;] amdtp_hid_request+0x6 2/0x80 [amd_sfh] [&lt;00000000b8a95807&gt;] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub] [&lt;00000000fda054ee &gt;] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common] [&lt;0000000021279ecf&gt;] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d] [&lt;00000000915760ce&gt;] platform_probe+0x6a/0xd0 [ &lt;0000000060258a1f&gt;] very_probe+0x192/0x620 [&lt;00000000fa812f2d&gt;] driver_probe_device+ 0x14a/0x1d0 [&lt;000000005e79f7fd&gt;] __device_attach_driver+0xbd/0x110 [&lt;0000000070d15018&gt;] bus_for_each_drv+0xfd/0x160 [&lt;0000000013a3c312&gt;] __device_attach+0x1 8b/0x220 [&lt;000000008c7b4afc&gt;] dispositivo_sonda_inicial+0x13/0x20 [&lt;00000000e6e99665&gt;] bus_probe_dispositivo+ 0xfe/0x120 [&lt;00000000833fa90b&gt;] device_add+0x6a6/0xe00 [&lt;00000000fa901078&gt;] platform_device_add+0x180/0x380 ===================== La solución es liberar la entrada request_list una vez que la entrada procesada se elimina de request_list.

*Credits: N/A
CVSS Scores
Attack Vector
-
Attack Complexity
-
Privileges Required
-
User Interaction
-
Scope
-
Confidentiality
-
Integrity
-
Availability
-
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-03-04 CVE Reserved
  • 2024-03-15 CVE Published
  • 2024-03-16 EPSS Updated
  • 2024-12-19 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.11 < 5.12.10
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.12.10"
en
Affected
Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
>= 5.11 < 5.13
Search vendor "Linux" for product "Linux Kernel" and version " >= 5.11 < 5.13"
en
Affected