CVE-2021-47170

USB: usbfs: Don't WARN about excessively large memory allocations

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

USB: usbfs: Don't WARN about excessively large memory allocations

Syzbot found that the kernel generates a WARNing if the user tries to
submit a bulk transfer through usbfs with a buffer that is way too
large. This isn't a bug in the kernel; it's merely an invalid request
from the user and the usbfs code does handle it correctly.

In theory the same thing can happen with async transfers, or with the
packet descriptor table for isochronous transfers.

To prevent the MM subsystem from complaining about these bad
allocation requests, add the __GFP_NOWARN flag to the kmalloc calls
for these buffers.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: USB: usbfs: No ADVERTIR sobre asignaciones de memoria excesivamente grandes. Syzbot descubrió que el kernel genera una ADVERTENCIA si el usuario intenta enviar una transferencia masiva a través de usbfs con un búfer demasiado grande. Esto no es un error en el kernel; es simplemente una solicitud no válida del usuario y el código usbfs la maneja correctamente. En teoría, lo mismo puede suceder con las transferencias asíncronas o con la tabla de descriptores de paquetes para transferencias isócronas. Para evitar que el subsistema MM se queje de estas solicitudes de asignación incorrectas, agregue el indicador __GFP_NOWARN a las llamadas kmalloc para estos búferes.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-25 CVE Reserved
2024-03-25 CVE Published
2024-03-26 EPSS Updated
2024-11-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/2ab21d6e1411999b5fb43434f421f00bf50002eb	2021-06-03
https://git.kernel.org/stable/c/2c835fede13e03f2743a333e4370b5ed2db91e83	2021-06-03
https://git.kernel.org/stable/c/8d83f109e920d2776991fa142bb904d985dca2ed	2021-06-03
https://git.kernel.org/stable/c/9f7cb3f01a10d9064cf13b3d26fb7e7a5827d098	2021-06-03
https://git.kernel.org/stable/c/4f2629ea67e7225c3fd292c7fe4f5b3c9d6392de	2021-05-21

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.193 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.193"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.124 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.124"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.42 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.42"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.12.9 Search vendor "Linux" for product "Linux Kernel" and version " < 5.12.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.13 Search vendor "Linux" for product "Linux Kernel" and version " < 5.13"		en		Affected