CVE-2021-47416

phy: mdio: fix memory leak

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

phy: mdio: fix memory leak

Syzbot reported memory leak in MDIO bus interface, the problem was in
wrong state logic.

MDIOBUS_ALLOCATED indicates 2 states:
1. Bus is only allocated
2. Bus allocated and __mdiobus_register() fails, but
device_register() was called

In case of device_register() has been called we should call put_device()
to correctly free the memory allocated for this device, but mdiobus_free()
calls just kfree(dev) in case of MDIOBUS_ALLOCATED state

To avoid this behaviour we need to set bus->state to MDIOBUS_UNREGISTERED
_before_ calling device_register(), because put_device() should be
called even in case of device_register() failure.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: phy: mdio: arreglar pérdida de memoria. Syzbot informó una pérdida de memoria en la interfaz del bus MDIO, el problema estaba en una lógica de estado incorrecta. MDIOBUS_ALLOCATED indica 2 estados: 1. El bus solo está asignado 2. El bus asignado y __mdiobus_register() falla, pero se llamó a device_register() En caso de que se haya llamado a device_register() debemos llamar a put_device() para liberar correctamente la memoria asignada para esto dispositivo, pero mdiobus_free() llama solo a kfree(dev) en caso de estado MDIOBUS_ALLOCATED. Para evitar este comportamiento, necesitamos configurar bus->state en MDIOBUS_UNREGISTERED _antes_ de llamar a device_register(), porque put_device() debe llamarse incluso en caso de fallo de device_register( .

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/46abc02175b3c246dd5141d878f565a8725060c9	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/25e9f88c7e3cc35f5e3d3db199660d28a15df639	2021-10-17
https://git.kernel.org/stable/c/2250392d930bd0d989f24d355d6355b0150256e7	2021-10-17
https://git.kernel.org/stable/c/f4f502a04ee1e543825af78f47eb7785015cd9f6	2021-10-17
https://git.kernel.org/stable/c/2397b9e118721292429fea8807a698e71b94795f	2021-10-13
https://git.kernel.org/stable/c/414bb4ead1362ef2c8592db723c017258f213988	2021-10-13
https://git.kernel.org/stable/c/0d2dd40a7be61b89a7c99dae8ee96389d27b413a	2021-10-13
https://git.kernel.org/stable/c/064c2616234a7394867c924b5c1303974f3a4f4d	2021-10-13
https://git.kernel.org/stable/c/ca6e11c337daf7925ff8a2aac8e84490a8691905	2021-10-01

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 4.4.289 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 4.4.289"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 4.9.287 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 4.9.287"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 4.14.251 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 4.14.251"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 4.19.211 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 4.19.211"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 5.4.153 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 5.4.153"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 5.10.73 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 5.10.73"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 5.14.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 5.14.12"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.28 < 5.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.28 < 5.15"		en		Affected