CVE-2021-47173

misc/uss720: fix memory leak in uss720_probe

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

misc/uss720: fix memory leak in uss720_probe

uss720_probe forgets to decrease the refcount of usbdev in uss720_probe.
Fix this by decreasing the refcount of usbdev by usb_put_dev.

BUG: memory leak
unreferenced object 0xffff888101113800 (size 2048):
comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s)
hex dump (first 32 bytes):
ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1...........
00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................
backtrace:
[<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline]
[<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline]
[<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582
[<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline]
[<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]
[<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline]
[<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591
[<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
[<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
[<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292
[<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: misc/uss720: corrige la pérdida de memoria en uss720_probe uss720_probe olvida disminuir el recuento de usbdev en uss720_probe. Solucione este problema disminuyendo el recuento de usbdev por usb_put_dev. ERROR: pérdida de memoria, objeto sin referencia 0xffff888101113800 (tamaño 2048): comunicación "kworker/0:1", pid 7, jiffies 4294956777 (edad 28,870 s) volcado hexadecimal (primeros 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1.......... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................. ... seguimiento: [] kmalloc include/linux/slab.h:554 [en línea] [] kzalloc include/linux/slab.h:684 [en línea] [] usb_alloc_dev+0x32/ 0x450 controladores/usb/core/usb.c:582 [] hub_port_connect drivers/usb/core/hub.c:5129 [en línea] [] hub_port_connect_change drivers/usb/core/hub.c:5363 [ en línea] [] port_event drivers/usb/core/hub.c:5509 [en línea] [] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [] Process_one_work+ 0x2c9/0x600 kernel/workqueue.c:2275 [] trabajador_thread+0x59/0x5d0 kernel/workqueue.c:2421 [] kthread+0x178/0x1b0 kernel/kthread.c:292 [ ] ret_from_fork +0x1f/0x30 arco/x86/entrada/entrada_64.S:294

*Credits: N/A

CVSS Scores

NISTv3.1 5.5

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-25 CVE Reserved
2024-03-25 CVE Published
2024-05-17 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-401: Missing Release of Memory after Effective Lifetime

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/0f36163d3abefbda1b21a330b3fdf3c2dc076d94	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/5f46b2410db2c8f26b8bb91b40deebf4ec184391	2021-06-03
https://git.kernel.org/stable/c/7889c70e6173ef358f3cd7578db127a489035a42	2021-06-03
https://git.kernel.org/stable/c/bcb30cc8f8befcbdbcf7a016e4dfd4747c54a364	2021-06-03
https://git.kernel.org/stable/c/386918878ce4cd676e4607233866e03c9399a46a	2021-06-03
https://git.kernel.org/stable/c/36b5ff1db1a4ef4fdbc2bae364344279f033ad88	2021-06-03
https://git.kernel.org/stable/c/5394ae9d8c7961dd93807fdf1b12a1dde96b0a55	2021-06-03
https://git.kernel.org/stable/c/a3c3face38cb49932c62adcc1289914f1c742096	2021-06-03
https://git.kernel.org/stable/c/dcb4b8ad6a448532d8b681b5d1a7036210b622de	2021-05-21

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 4.4.271 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 4.4.271"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 4.9.271 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 4.9.271"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 4.14.235 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 4.14.235"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 4.19.193 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 4.19.193"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 5.4.124 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 5.4.124"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 5.10.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 5.10.42"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 5.12.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 5.12.9"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.14 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.14 < 5.13"		en		Affected