gsd-2021-47171
Vulnerability from gsd
Modified
2024-04-03 05:03
Details
In the Linux kernel, the following vulnerability has been resolved:
net: usb: fix memory leak in smsc75xx_bind
Syzbot reported memory leak in smsc75xx_bind().
The problem was is non-freed memory in case of
errors after memory allocation.
backtrace:
[<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline]
[<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline]
[<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460
[<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728
Aliases
{ "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-47171" ], "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728", "id": "GSD-2021-47171", "modified": "2024-04-03T05:03:54.995378Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@kernel.org", "ID": "CVE-2021-47171", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Linux", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "d0cad871703b", "version_value": "200dbfcad801" }, { "version_value": "not down converted", "x_cve_json_5_version_data": { "defaultStatus": "affected", "versions": [ { "status": "affected", "version": "2.6.34" }, { "lessThan": "2.6.34", "status": "unaffected", "version": "0", "versionType": "custom" }, { "lessThanOrEqual": "4.4.*", "status": "unaffected", "version": "4.4.271", "versionType": "custom" }, { "lessThanOrEqual": "4.9.*", "status": "unaffected", "version": "4.9.271", "versionType": "custom" }, { "lessThanOrEqual": "4.14.*", "status": "unaffected", "version": "4.14.235", "versionType": "custom" }, { "lessThanOrEqual": "4.19.*", "status": "unaffected", "version": "4.19.193", "versionType": "custom" }, { "lessThanOrEqual": "5.4.*", "status": "unaffected", "version": "5.4.124", "versionType": "custom" }, { "lessThanOrEqual": "5.10.*", "status": "unaffected", "version": "5.10.42", "versionType": "custom" }, { "lessThanOrEqual": "5.12.*", "status": "unaffected", "version": "5.12.9", "versionType": "custom" }, { "lessThanOrEqual": "*", "status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix" } ] } } ] } } ] }, "vendor_name": "Linux" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728" } ] }, "generator": { "engine": "bippy-b4257b672505" }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa" }, { "name": "https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f" }, { "name": "https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc" }, { "name": "https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07" }, { "name": "https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17" }, { "name": "https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0" }, { "name": "https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a8075dd95b", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a8075dd95b" }, { "name": "https://git.kernel.org/stable/c/46a8b29c6306d8bbfd92b614ef65a47c900d8e70", "refsource": "MISC", "url": "https://git.kernel.org/stable/c/46a8b29c6306d8bbfd92b614ef65a47c900d8e70" } ] } }, "nvd.nist.gov": { "cve": { "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usb: fix memory leak in smsc75xx_bind\n\nSyzbot reported memory leak in smsc75xx_bind().\nThe problem was is non-freed memory in case of\nerrors after memory allocation.\n\nbacktrace:\n [\u003cffffffff84245b62\u003e] kmalloc include/linux/slab.h:556 [inline]\n [\u003cffffffff84245b62\u003e] kzalloc include/linux/slab.h:686 [inline]\n [\u003cffffffff84245b62\u003e] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460\n [\u003cffffffff82b5b2e6\u003e] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728" }, { "lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: net: usb: corrige la p\u00e9rdida de memoria en smsc75xx_bind Syzbot inform\u00f3 una p\u00e9rdida de memoria en smsc75xx_bind(). El problema era que la memoria no se liberaba en caso de errores despu\u00e9s de la asignaci\u00f3n de memoria. backtrace: [] kmalloc include/linux/slab.h:556 [en l\u00ednea] [] kzalloc include/linux/slab.h:686 [en l\u00ednea] [] smsc75xx_bind+0x7a/0x334 controladores/ net/usb/smsc75xx.c:1460 [] usbnet_probe+0x3b6/0xc30 controladores/net/usb/usbnet.c:1728" } ], "id": "CVE-2021-47171", "lastModified": "2024-03-25T13:47:14.087", "metrics": {}, "published": "2024-03-25T10:15:08.917", "references": [ { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/46a8b29c6306d8bbfd92b614ef65a47c900d8e70" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a8075dd95b" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc" }, { "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17" } ], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis" } } } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.