CVE-2021-47173

2024-03-2510:15:09

CWE-401

Linux

web.nvd.nist.gov

linux kernel usb driver

memory leak

vulnerability

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.2

Confidence

Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

misc/uss720: fix memory leak in uss720_probe

uss720_probe forgets to decrease the refcount of usbdev in uss720_probe.
Fix this by decreasing the refcount of usbdev by usb_put_dev.

BUG: memory leak
unreferenced object 0xffff888101113800 (size 2048):
comm “kworker/0:1”, pid 7, jiffies 4294956777 (age 28.870s)
hex dump (first 32 bytes):
ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 …1…
00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 …
backtrace:
[<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline]
[<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline]
[<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582
[<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline]
[<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]
[<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline]
[<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591
[<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
[<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
[<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292
[<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Affected configurations

Nvd

Vulners

Node

linuxlinux_kernelRange2.6.14–4.4.271

linuxlinux_kernelRange4.5–4.9.271

linuxlinux_kernelRange4.10–4.14.235

linuxlinux_kernelRange4.15–4.19.193

linuxlinux_kernelRange4.20–5.4.124

linuxlinux_kernelRange5.5–5.10.42

linuxlinux_kernelRange5.11–5.12.9

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/usb/misc/uss720.c"
    ],
    "versions": [
      {
        "version": "0f36163d3abe",
        "lessThan": "5f46b2410db2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "7889c70e6173",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "bcb30cc8f8be",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "386918878ce4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "36b5ff1db1a4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "5394ae9d8c79",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "a3c3face38cb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "dcb4b8ad6a44",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/usb/misc/uss720.c"
    ],
    "versions": [
      {
        "version": "2.6.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "2.6.14",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.4.271",
        "lessThanOrEqual": "4.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.9.271",
        "lessThanOrEqual": "4.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.14.235",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.19.193",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.124",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.42",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.12.9",
        "lessThanOrEqual": "5.12.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.13",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]