ghsa-6hjm-9p27-2qv2
Vulnerability from github
Published
2024-05-22 09:31
Modified
2024-05-22 09:31
Details

In the Linux kernel, the following vulnerability has been resolved:

net: mdiobus: Fix memory leak in __mdiobus_register

Once device_register() failed, we should call put_device() to decrement reference count for cleanup. Or it will cause memory leak.

BUG: memory leak unreferenced object 0xffff888114032e00 (size 256): comm "kworker/1:3", pid 2960, jiffies 4294943572 (age 15.920s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 2e 03 14 81 88 ff ff ................ 08 2e 03 14 81 88 ff ff 90 76 65 82 ff ff ff ff .........ve..... backtrace: [] kmalloc include/linux/slab.h:591 [inline] [] kzalloc include/linux/slab.h:721 [inline] [] device_private_init drivers/base/core.c:3203 [inline] [] device_add+0x89b/0xdf0 drivers/base/core.c:3253 [] __mdiobus_register+0xc3/0x450 drivers/net/phy/mdio_bus.c:537 [] __devm_mdiobus_register+0x75/0xf0 drivers/net/phy/mdio_devres.c:87 [] ax88772_init_mdio drivers/net/usb/asix_devices.c:676 [inline] [] ax88772_bind+0x330/0x480 drivers/net/usb/asix_devices.c:786 [] usbnet_probe+0x3ff/0xdf0 drivers/net/usb/usbnet.c:1745 [] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396 [] call_driver_probe drivers/base/dd.c:517 [inline] [] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596 [] really_probe drivers/base/dd.c:558 [inline] [] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:751 [] driver_probe_device+0x2a/0x120 drivers/base/dd.c:781 [] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:898 [] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427 [] __device_attach+0x122/0x260 drivers/base/dd.c:969 [] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487 [] device_add+0x5fb/0xdf0 drivers/base/core.c:3359 [] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2170 [] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238

BUG: memory leak unreferenced object 0xffff888116f06900 (size 32): comm "kworker/0:2", pid 2670, jiffies 4294944448 (age 7.160s) hex dump (first 32 bytes): 75 73 62 2d 30 30 31 3a 30 30 33 00 00 00 00 00 usb-001:003..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] kstrdup+0x36/0x70 mm/util.c:60 [] kstrdup_const+0x53/0x80 mm/util.c:83 [] kvasprintf_const+0xc2/0x110 lib/kasprintf.c:48 [] kobject_set_name_vargs+0x3b/0xe0 lib/kobject.c:289 [] dev_set_name+0x63/0x90 drivers/base/core.c:3147 [] __mdiobus_register+0xbb/0x450 drivers/net/phy/mdio_bus.c:535 [] __devm_mdiobus_register+0x75/0xf0 drivers/net/phy/mdio_devres.c:87 [] ax88772_init_mdio drivers/net/usb/asix_devices.c:676 [inline] [] ax88772_bind+0x330/0x480 drivers/net/usb/asix_devices.c:786 [] usbnet_probe+0x3ff/0xdf0 drivers/net/usb/usbnet.c:1745 [] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396 [] call_driver_probe drivers/base/dd.c:517 [inline] [] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596 [] really_probe drivers/base/dd.c:558 [inline] [] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:751 [] driver_probe_device+0x2a/0x120 drivers/base/dd.c:781 [] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:898 [] bus_for_each ---truncated---

Show details on source website


{
  "affected": [],
  "aliases": [
    "CVE-2021-47472"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-22T07:15:11Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mdiobus: Fix memory leak in __mdiobus_register\n\nOnce device_register() failed, we should call put_device() to\ndecrement reference count for cleanup. Or it will cause memory\nleak.\n\nBUG: memory leak\nunreferenced object 0xffff888114032e00 (size 256):\n  comm \"kworker/1:3\", pid 2960, jiffies 4294943572 (age 15.920s)\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 08 2e 03 14 81 88 ff ff  ................\n    08 2e 03 14 81 88 ff ff 90 76 65 82 ff ff ff ff  .........ve.....\n  backtrace:\n    [\u003cffffffff8265cfab\u003e] kmalloc include/linux/slab.h:591 [inline]\n    [\u003cffffffff8265cfab\u003e] kzalloc include/linux/slab.h:721 [inline]\n    [\u003cffffffff8265cfab\u003e] device_private_init drivers/base/core.c:3203 [inline]\n    [\u003cffffffff8265cfab\u003e] device_add+0x89b/0xdf0 drivers/base/core.c:3253\n    [\u003cffffffff828dd643\u003e] __mdiobus_register+0xc3/0x450 drivers/net/phy/mdio_bus.c:537\n    [\u003cffffffff828cb835\u003e] __devm_mdiobus_register+0x75/0xf0 drivers/net/phy/mdio_devres.c:87\n    [\u003cffffffff82b92a00\u003e] ax88772_init_mdio drivers/net/usb/asix_devices.c:676 [inline]\n    [\u003cffffffff82b92a00\u003e] ax88772_bind+0x330/0x480 drivers/net/usb/asix_devices.c:786\n    [\u003cffffffff82baa33f\u003e] usbnet_probe+0x3ff/0xdf0 drivers/net/usb/usbnet.c:1745\n    [\u003cffffffff82c36e17\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n    [\u003cffffffff82661d17\u003e] call_driver_probe drivers/base/dd.c:517 [inline]\n    [\u003cffffffff82661d17\u003e] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596\n    [\u003cffffffff826620bc\u003e] really_probe drivers/base/dd.c:558 [inline]\n    [\u003cffffffff826620bc\u003e] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:751\n    [\u003cffffffff826621ba\u003e] driver_probe_device+0x2a/0x120 drivers/base/dd.c:781\n    [\u003cffffffff82662a26\u003e] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:898\n    [\u003cffffffff8265eca7\u003e] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427\n    [\u003cffffffff826625a2\u003e] __device_attach+0x122/0x260 drivers/base/dd.c:969\n    [\u003cffffffff82660916\u003e] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487\n    [\u003cffffffff8265cd0b\u003e] device_add+0x5fb/0xdf0 drivers/base/core.c:3359\n    [\u003cffffffff82c343b9\u003e] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2170\n    [\u003cffffffff82c4473c\u003e] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238\n\nBUG: memory leak\nunreferenced object 0xffff888116f06900 (size 32):\n  comm \"kworker/0:2\", pid 2670, jiffies 4294944448 (age 7.160s)\n  hex dump (first 32 bytes):\n    75 73 62 2d 30 30 31 3a 30 30 33 00 00 00 00 00  usb-001:003.....\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [\u003cffffffff81484516\u003e] kstrdup+0x36/0x70 mm/util.c:60\n    [\u003cffffffff814845a3\u003e] kstrdup_const+0x53/0x80 mm/util.c:83\n    [\u003cffffffff82296ba2\u003e] kvasprintf_const+0xc2/0x110 lib/kasprintf.c:48\n    [\u003cffffffff82358d4b\u003e] kobject_set_name_vargs+0x3b/0xe0 lib/kobject.c:289\n    [\u003cffffffff826575f3\u003e] dev_set_name+0x63/0x90 drivers/base/core.c:3147\n    [\u003cffffffff828dd63b\u003e] __mdiobus_register+0xbb/0x450 drivers/net/phy/mdio_bus.c:535\n    [\u003cffffffff828cb835\u003e] __devm_mdiobus_register+0x75/0xf0 drivers/net/phy/mdio_devres.c:87\n    [\u003cffffffff82b92a00\u003e] ax88772_init_mdio drivers/net/usb/asix_devices.c:676 [inline]\n    [\u003cffffffff82b92a00\u003e] ax88772_bind+0x330/0x480 drivers/net/usb/asix_devices.c:786\n    [\u003cffffffff82baa33f\u003e] usbnet_probe+0x3ff/0xdf0 drivers/net/usb/usbnet.c:1745\n    [\u003cffffffff82c36e17\u003e] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396\n    [\u003cffffffff82661d17\u003e] call_driver_probe drivers/base/dd.c:517 [inline]\n    [\u003cffffffff82661d17\u003e] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596\n    [\u003cffffffff826620bc\u003e] really_probe drivers/base/dd.c:558 [inline]\n    [\u003cffffffff826620bc\u003e] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:751\n    [\u003cffffffff826621ba\u003e] driver_probe_device+0x2a/0x120 drivers/base/dd.c:781\n    [\u003cffffffff82662a26\u003e] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:898\n    [\u003cffffffff8265eca7\u003e] bus_for_each\n---truncated---",
  "id": "GHSA-6hjm-9p27-2qv2",
  "modified": "2024-05-22T09:31:46Z",
  "published": "2024-05-22T09:31:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-47472"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/0c4e87ba11eb331dca2315d484d08441b8c13193"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2bc10dca9432fadb09e45127e258fc7127fd346d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3a0dc2e35a5d6546b1db87fe985582dadc64fe7b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/4ec0f9abc512cc02fb04daa89ccf6697e80ab417"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/6a18d155d5b35ad50c8fac2be091212487ae58ec"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8121d0d4fd108280f5cd7b7fe8c6592adaa37be9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8ba94a7f7b9fc2a2b808ccceb99b77135deae21a"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/a9831afa2dc8a18205403907c41aa4e0950ac611"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ab609f25d19858513919369ff3d9a63c02cd9e2e"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b0feaa8376f52357bf2fd020d0c471713a859728"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b89f4537d7fdbd0bafb6d8a66a484e0bc99871a4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/bc5f2f3431ced08300e4cb3aff35f1da14c26433"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c828115a14eacbf42042770fd68543f134e89efa"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fd2400dd4f1b8bd7a309b1b424d9e0d188151b01"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/fdbffd95c4ce94d2197c504008eaac46b16bc5a4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.