CVE-2021-47122

In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in caif_device_notify In case of caif_enroll_dev() fail, allocated link_support won't be assigned to the corresponding structure. So simply free allocated pointer in case of error

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb	Patch
https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d	Patch
https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893	Patch
https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49	Patch
https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa	Patch
https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8	Patch
https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb	Patch
https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94	Patch
https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb	Patch
https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d	Patch
https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893	Patch
https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49	Patch
https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa	Patch
https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8	Patch
https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb	Patch
https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.13:rc4::::::

History

07 Jan 2025, 17:30

Type	Values Removed	Values Added
CWE		CWE-401
First Time		Linux Linux linux Kernel
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb -~~	() https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb - Patch
References	~~() https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d -~~	() https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d - Patch
References	~~() https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893 -~~	() https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893 - Patch
References	~~() https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49 -~~	() https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49 - Patch
References	~~() https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa -~~	() https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa - Patch
References	~~() https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8 -~~	() https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8 - Patch
References	~~() https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb -~~	() https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb - Patch
References	~~() https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94 -~~	() https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94 - Patch
CPE		cpe:2.3:o:linux:linux_kernel:5.13:rc2:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc3:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.13:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.13:rc4::::::

21 Nov 2024, 06:35

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: caif: corrige la pérdida de memoria en caif_device_notify En caso de que falle caif_enroll_dev(), el link_support asignado no se asignará a la estructura correspondiente. Así que simplemente libera el puntero asignado en caso de error.
References	~~() https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb -~~	() https://git.kernel.org/stable/c/3be863c11cab725add9fef4237ed4e232c3fc3bb -
References	~~() https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d -~~	() https://git.kernel.org/stable/c/4bca2034b41c15b62d47a19158bb76235fd4455d -
References	~~() https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893 -~~	() https://git.kernel.org/stable/c/6a0e317f61094d377335547e015dd2ff12caf893 -
References	~~() https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49 -~~	() https://git.kernel.org/stable/c/9348c1f10932f13b299cbc8b1bd5f780751fae49 -
References	~~() https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa -~~	() https://git.kernel.org/stable/c/af2806345a37313f01b1c9f15e046745b8ee2daa -
References	~~() https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8 -~~	() https://git.kernel.org/stable/c/b042e2b2039565eb8f0eb51c14fbe1ef463c8cd8 -
References	~~() https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb -~~	() https://git.kernel.org/stable/c/b53558a950a89824938e9811eddfc8efcd94e1bb -
References	~~() https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94 -~~	() https://git.kernel.org/stable/c/f52f4fd67264c70cd0b4ba326962ebe12d9cba94 -

15 Mar 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-15 21:15

Updated : 2025-01-07 17:30

NVD link : CVE-2021-47122

Mitre link : CVE-2021-47122

CVE.ORG link : CVE-2021-47122

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10