CVE-2021-47405

HID: usbhid: free raw_report buffers in usbhid_stop

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

HID: usbhid: free raw_report buffers in usbhid_stop

Free the unsent raw_report buffers when the device is removed.

Fixes a memory leak reported by syzbot at:
https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: usbhid: buffers raw_report libres en usbhid_stop. Libera los buffers raw_report no enviados cuando se elimina el dispositivo. Corrige una pérdida de memoria informada por syzbot en: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030	2021-10-06
https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f	2021-10-06
https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae	2021-10-06
https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b	2021-10-06
https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3	2021-10-06
https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f	2021-10-06
https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81	2021-10-07
https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de	2021-07-28

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.4.286 Search vendor "Linux" for product "Linux Kernel" and version " < 4.4.286"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.9.285 Search vendor "Linux" for product "Linux Kernel" and version " < 4.9.285"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.14.249 Search vendor "Linux" for product "Linux Kernel" and version " < 4.14.249"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 4.19.209 Search vendor "Linux" for product "Linux Kernel" and version " < 4.19.209"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.4.151 Search vendor "Linux" for product "Linux Kernel" and version " < 5.4.151"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.10.71 Search vendor "Linux" for product "Linux Kernel" and version " < 5.10.71"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.14.10 Search vendor "Linux" for product "Linux Kernel" and version " < 5.14.10"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				< 5.15 Search vendor "Linux" for product "Linux Kernel" and version " < 5.15"		en		Affected