FKIE_CVE-2021-46985
Vulnerability from fkie_nvd - Published: 2024-02-28 09:15 - Updated: 2026-06-17 04:16
Severity
Summary
In the Linux kernel, the following vulnerability has been resolved:
ACPI: scan: Fix a memory leak in an error handling path
If 'acpi_device_set_name()' fails, we must free
'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.13 |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/acpi/scan.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "6901a4f795e0e8d65ae779cb37fc22e0bf294712",
"status": "affected",
"version": "e5cdbe419004e172f642e876a671a9ff1c52f8bb",
"versionType": "git"
},
{
"lessThan": "5ab9857dde7c3ea3faef6b128d718cf8ba98721b",
"status": "affected",
"version": "717d9d88fbd956ab03fad97266f6ce63a036e7f8",
"versionType": "git"
},
{
"lessThan": "69cc821e89ce572884548ac54c4f80eec7a837a5",
"status": "affected",
"version": "7385e438e1f31af5b86f72fd19b0dcd2738502c9",
"versionType": "git"
},
{
"lessThan": "dafd4c0b5e835db020cff11c74b4af9493a58e72",
"status": "affected",
"version": "bc0b1a2036dd8072106ec81a8685ecb901f72ed6",
"versionType": "git"
},
{
"lessThan": "e2381174daeae0ca35eddffef02dcc8de8c1ef8a",
"status": "affected",
"version": "4a5891992c680d69d7e490e4d0428d17779d8e85",
"versionType": "git"
},
{
"lessThan": "c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb",
"status": "affected",
"version": "321dbe6c0b551f9f8030becc6900f77cf9bbb9ad",
"versionType": "git"
},
{
"lessThan": "a7e17a8d421ae23c920240625b4413c7b94d94a4",
"status": "affected",
"version": "eb50aaf960e3bedfef79063411ffd670da94b84b",
"versionType": "git"
},
{
"lessThan": "0c8bd174f0fc131bc9dfab35cd8784f59045da87",
"status": "affected",
"version": "eb50aaf960e3bedfef79063411ffd670da94b84b",
"versionType": "git"
},
{
"lessThan": "4.9.269",
"status": "affected",
"version": "4.9.264",
"versionType": "semver"
},
{
"lessThan": "4.14.233",
"status": "affected",
"version": "4.14.228",
"versionType": "semver"
},
{
"lessThan": "4.19.191",
"status": "affected",
"version": "4.19.184",
"versionType": "semver"
},
{
"lessThan": "5.4.120",
"status": "affected",
"version": "5.4.109",
"versionType": "semver"
},
{
"lessThan": "5.10.38",
"status": "affected",
"version": "5.10.27",
"versionType": "semver"
},
{
"lessThan": "5.11.22",
"status": "affected",
"version": "5.11.11",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/acpi/scan.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.12"
},
{
"lessThan": "5.12",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.269",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.233",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.191",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.120",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.38",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.11.*",
"status": "unaffected",
"version": "5.11.22",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.12.*",
"status": "unaffected",
"version": "5.12.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.13",
"versionType": "original_commit_for_fix"
}
]
}
],
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1ADB041C-B7A7-43C5-8A66-2062540C8839",
"versionEndExcluding": "4.9.269",
"versionStartIncluding": "4.9.264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C53C5E0-714F-444D-B579-3AB73443B15D",
"versionEndExcluding": "4.14.233",
"versionStartIncluding": "4.14.228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B304005-4409-4E5F-9A29-3F31515F9712",
"versionEndExcluding": "4.19.191",
"versionStartIncluding": "4.19.184",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA921B4C-9140-4789-8E40-3205E3C6279A",
"versionEndExcluding": "5.4.120",
"versionStartIncluding": "5.4.109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A046A85-36F8-4288-870F-12A372193A42",
"versionEndExcluding": "5.10.38",
"versionStartIncluding": "5.10.27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DCEAD58C-BF3C-4649-A607-4F1FA41807C8",
"versionEndExcluding": "5.11.22",
"versionStartIncluding": "5.11.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0274929A-B36C-4F4C-AB22-30A0DD6B995B",
"versionEndExcluding": "5.12.5",
"versionStartIncluding": "5.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: scan: Fix a memory leak in an error handling path\n\nIf \u0027acpi_device_set_name()\u0027 fails, we must free\n\u0027acpi_device_bus_id-\u003ebus_id\u0027 or there is a (potential) memory leak."
},
{
"lang": "es",
"value": "En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: ACPI: scan: Corregir p\u00e9rdida de memoria en una ruta de manejo de errores Si falla \u0027acpi_device_set_name()\u0027 debemos liberar \u0027acpi_device_bus_id-\u0026gt;bus_id\u0027 o hay una (potencial) memoria filtraci\u00f3n."
}
],
"id": "CVE-2021-46985",
"lastModified": "2026-06-17T04:16:04.857",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"ssvcV203": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"ssvcData": {
"id": "CVE-2021-46985",
"options": [
{
"exploitation": "none"
},
{
"automatable": "no"
},
{
"technicalImpact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T16:01:08.493221Z",
"version": "2.0.3"
}
}
]
},
"published": "2024-02-28T09:15:37.497",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…