Vulnerability-Lookup

BDU:2025-05322

Vulnerability from fstec - Published: 10.05.2021

Title

Description

Уязвимость функции acpi_device_add() модуля drivers/acpi/scan.c - драйвера поддержки ACPI (расширенный интерфейс конфигурации и питания) ядра операционной системы Linux связана с неправильным освобождением памяти перед удалением последней ссылки («утечка памяти»). Эксплуатация уязвимости может позволить нарушителю получить доступ к защищаемой информации

Severity


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения

Software Name

Linux

Software Version

от 5.12 до 5.12.4 включительно (Linux), от 4.9.264 до 4.9.268 включительно (Linux), от 4.14.228 до 4.14.232 включительно (Linux), от 4.19.184 до 4.19.190 включительно (Linux), от 5.4.109 до 5.4.119 включительно (Linux), от 5.10.27 до 5.10.37 включительно (Linux), от 5.11.11 до 5.11.21 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5 https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72 https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87 https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4 https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712 https://lore.kernel.org/linux-cve-announce/2024022824-CVE-2021-46985-4dad@gregkh/T/#u

Reference

https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5 https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72 https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87 https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4 https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46985 https://lore.kernel.org/linux-cve-announce/2024022824-CVE-2021-46985-4dad@gregkh/T/#u https://git.kernel.org/linus/0c8bd174f0fc131bc9dfab35cd8784f59045da87 https://www.cve.org/CVERecord?id=CVE-2021-46985 https://lore.kernel.org/linux-cve-announce/2024022824-CVE-2021-46985-4dad@gregkh/ https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=e2381174daeae0ca35eddffef02dcc8de8c1ef8a https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.269 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.233 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.191 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.120 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.38 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.22 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.5

CWE

CWE-401

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 5.12 \u0434\u043e 5.12.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.9.264 \u0434\u043e 4.9.268 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.14.228 \u0434\u043e 4.14.232 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.19.184 \u0434\u043e 4.19.190 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.4.109 \u0434\u043e 5.4.119 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.10.27 \u0434\u043e 5.10.37 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11.11 \u0434\u043e 5.11.21 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b\nhttps://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb\nhttps://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5\nhttps://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72\nhttps://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a\nhttps://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87\nhttps://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4\nhttps://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712\nhttps://lore.kernel.org/linux-cve-announce/2024022824-CVE-2021-46985-4dad@gregkh/T/#u",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.05.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "09.05.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "09.05.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-05322",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-46985",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.12 \u0434\u043e 5.12.4 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.9.264 \u0434\u043e 4.9.268 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.14.228 \u0434\u043e 4.14.232 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.19.184 \u0434\u043e 4.19.190 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.4.109 \u0434\u043e 5.4.119 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.10.27 \u0434\u043e 5.10.37 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11.11 \u0434\u043e 5.11.21 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 acpi_device_add() \u043c\u043e\u0434\u0443\u043b\u044f drivers/acpi/scan.c - \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 ACPI (\u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u043f\u0438\u0442\u0430\u043d\u0438\u044f) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 acpi_device_add() \u043c\u043e\u0434\u0443\u043b\u044f drivers/acpi/scan.c - \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 ACPI (\u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0439 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438 \u043f\u0438\u0442\u0430\u043d\u0438\u044f) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b\nhttps://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb\nhttps://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5\nhttps://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72\nhttps://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a\nhttps://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87\nhttps://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4\nhttps://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46985\nhttps://lore.kernel.org/linux-cve-announce/2024022824-CVE-2021-46985-4dad@gregkh/T/#u\nhttps://git.kernel.org/linus/0c8bd174f0fc131bc9dfab35cd8784f59045da87\nhttps://www.cve.org/CVERecord?id=CVE-2021-46985\nhttps://lore.kernel.org/linux-cve-announce/2024022824-CVE-2021-46985-4dad@gregkh/\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=e2381174daeae0ca35eddffef02dcc8de8c1ef8a\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.269\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.233\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.191\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.120\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.38\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.22\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.5",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-401",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CVE-2021-46985 (GCVE-0-2021-46985)

Vulnerability from cvelistv5 – Published: 2024-02-28 08:13 – Updated: 2026-05-23 15:18

Title

ACPI: scan: Fix a memory leak in an error handling path

Summary

In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpi_device_set_name()' fails, we must free 'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/6901a4f795e0e8d65…
https://git.kernel.org/stable/c/5ab9857dde7c3ea3f…
https://git.kernel.org/stable/c/69cc821e89ce57288…
https://git.kernel.org/stable/c/dafd4c0b5e835db02…
https://git.kernel.org/stable/c/e2381174daeae0ca3…
https://git.kernel.org/stable/c/c5c8f6ffc942cf42f…
https://git.kernel.org/stable/c/a7e17a8d421ae23c9…
https://git.kernel.org/stable/c/0c8bd174f0fc131bc…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: e5cdbe419004e172f642e876a671a9ff1c52f8bb , < 6901a4f795e0e8d65ae779cb37fc22e0bf294712 (git) Affected: 717d9d88fbd956ab03fad97266f6ce63a036e7f8 , < 5ab9857dde7c3ea3faef6b128d718cf8ba98721b (git) Affected: 7385e438e1f31af5b86f72fd19b0dcd2738502c9 , < 69cc821e89ce572884548ac54c4f80eec7a837a5 (git) Affected: bc0b1a2036dd8072106ec81a8685ecb901f72ed6 , < dafd4c0b5e835db020cff11c74b4af9493a58e72 (git) Affected: 4a5891992c680d69d7e490e4d0428d17779d8e85 , < e2381174daeae0ca35eddffef02dcc8de8c1ef8a (git) Affected: 321dbe6c0b551f9f8030becc6900f77cf9bbb9ad , < c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb (git) Affected: eb50aaf960e3bedfef79063411ffd670da94b84b , < a7e17a8d421ae23c920240625b4413c7b94d94a4 (git) Affected: eb50aaf960e3bedfef79063411ffd670da94b84b , < 0c8bd174f0fc131bc9dfab35cd8784f59045da87 (git) Affected: 4.9.264 , < 4.9.269 (semver) Affected: 4.14.228 , < 4.14.233 (semver) Affected: 4.19.184 , < 4.19.191 (semver) Affected: 5.4.109 , < 5.4.120 (semver) Affected: 5.10.27 , < 5.10.38 (semver) Affected: 5.11.11 , < 5.11.22 (semver)
Linux	Linux	Affected: 5.12 Unaffected: 0 , < 5.12 (semver) Unaffected: 4.9.269 , ≤ 4.9.* (semver) Unaffected: 4.14.233 , ≤ 4.14.* (semver) Unaffected: 4.19.191 , ≤ 4.19.* (semver) Unaffected: 5.4.120 , ≤ 5.4.* (semver) Unaffected: 5.10.38 , ≤ 5.10.* (semver) Unaffected: 5.11.22 , ≤ 5.11.* (semver) Unaffected: 5.12.5 , ≤ 5.12.* (semver) Unaffected: 5.13 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:38.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-46985",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T16:01:08.493221Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:33:40.036Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/acpi/scan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6901a4f795e0e8d65ae779cb37fc22e0bf294712",
              "status": "affected",
              "version": "e5cdbe419004e172f642e876a671a9ff1c52f8bb",
              "versionType": "git"
            },
            {
              "lessThan": "5ab9857dde7c3ea3faef6b128d718cf8ba98721b",
              "status": "affected",
              "version": "717d9d88fbd956ab03fad97266f6ce63a036e7f8",
              "versionType": "git"
            },
            {
              "lessThan": "69cc821e89ce572884548ac54c4f80eec7a837a5",
              "status": "affected",
              "version": "7385e438e1f31af5b86f72fd19b0dcd2738502c9",
              "versionType": "git"
            },
            {
              "lessThan": "dafd4c0b5e835db020cff11c74b4af9493a58e72",
              "status": "affected",
              "version": "bc0b1a2036dd8072106ec81a8685ecb901f72ed6",
              "versionType": "git"
            },
            {
              "lessThan": "e2381174daeae0ca35eddffef02dcc8de8c1ef8a",
              "status": "affected",
              "version": "4a5891992c680d69d7e490e4d0428d17779d8e85",
              "versionType": "git"
            },
            {
              "lessThan": "c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb",
              "status": "affected",
              "version": "321dbe6c0b551f9f8030becc6900f77cf9bbb9ad",
              "versionType": "git"
            },
            {
              "lessThan": "a7e17a8d421ae23c920240625b4413c7b94d94a4",
              "status": "affected",
              "version": "eb50aaf960e3bedfef79063411ffd670da94b84b",
              "versionType": "git"
            },
            {
              "lessThan": "0c8bd174f0fc131bc9dfab35cd8784f59045da87",
              "status": "affected",
              "version": "eb50aaf960e3bedfef79063411ffd670da94b84b",
              "versionType": "git"
            },
            {
              "lessThan": "4.9.269",
              "status": "affected",
              "version": "4.9.264",
              "versionType": "semver"
            },
            {
              "lessThan": "4.14.233",
              "status": "affected",
              "version": "4.14.228",
              "versionType": "semver"
            },
            {
              "lessThan": "4.19.191",
              "status": "affected",
              "version": "4.19.184",
              "versionType": "semver"
            },
            {
              "lessThan": "5.4.120",
              "status": "affected",
              "version": "5.4.109",
              "versionType": "semver"
            },
            {
              "lessThan": "5.10.38",
              "status": "affected",
              "version": "5.10.27",
              "versionType": "semver"
            },
            {
              "lessThan": "5.11.22",
              "status": "affected",
              "version": "5.11.11",
              "versionType": "semver"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/acpi/scan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.12"
            },
            {
              "lessThan": "5.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.269",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.233",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.191",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.120",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.38",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.269",
                  "versionStartIncluding": "4.9.264",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.233",
                  "versionStartIncluding": "4.14.228",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.191",
                  "versionStartIncluding": "4.19.184",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.120",
                  "versionStartIncluding": "5.4.109",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.38",
                  "versionStartIncluding": "5.10.27",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.22",
                  "versionStartIncluding": "5.11.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.5",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: scan: Fix a memory leak in an error handling path\n\nIf \u0027acpi_device_set_name()\u0027 fails, we must free\n\u0027acpi_device_bus_id-\u003ebus_id\u0027 or there is a (potential) memory leak."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-23T15:18:52.732Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712"
        },
        {
          "url": "https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b"
        },
        {
          "url": "https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5"
        },
        {
          "url": "https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72"
        },
        {
          "url": "https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a"
        },
        {
          "url": "https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb"
        },
        {
          "url": "https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4"
        },
        {
          "url": "https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87"
        }
      ],
      "title": "ACPI: scan: Fix a memory leak in an error handling path",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-46985",
    "datePublished": "2024-02-28T08:13:13.454Z",
    "dateReserved": "2024-02-27T18:42:55.946Z",
    "dateUpdated": "2026-05-23T15:18:52.732Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2025-05322

CVE-2021-46985 (GCVE-0-2021-46985)

Tags

Sightings

Nomenclature