fkie_cve-2021-47133
Vulnerability from fkie_nvd
Published
2024-03-15 21:15
Modified
2025-01-07 17:30
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix memory leak in amd_sfh_work Kmemleak tool detected a memory leak in the amd_sfh driver. ==================== unreferenced object 0xffff88810228ada0 (size 32): comm "insmod", pid 3968, jiffies 4295056001 (age 775.792s) hex dump (first 32 bytes): 00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de . s............. 22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00 "............... backtrace: [<000000007b4c8799>] kmem_cache_alloc_trace+0x163/0x4f0 [<0000000005326893>] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh] [<000000002a9e5ec4>] amdtp_hid_request+0x62/0x80 [amd_sfh] [<00000000b8a95807>] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub] [<00000000fda054ee>] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common] [<0000000021279ecf>] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d] [<00000000915760ce>] platform_probe+0x6a/0xd0 [<0000000060258a1f>] really_probe+0x192/0x620 [<00000000fa812f2d>] driver_probe_device+0x14a/0x1d0 [<000000005e79f7fd>] __device_attach_driver+0xbd/0x110 [<0000000070d15018>] bus_for_each_drv+0xfd/0x160 [<0000000013a3c312>] __device_attach+0x18b/0x220 [<000000008c7b4afc>] device_initial_probe+0x13/0x20 [<00000000e6e99665>] bus_probe_device+0xfe/0x120 [<00000000833fa90b>] device_add+0x6a6/0xe00 [<00000000fa901078>] platform_device_add+0x180/0x380 ==================== The fix is to freeing request_list entry once the processed entry is removed from the request_list.
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel 5.13
linux linux_kernel 5.13
linux linux_kernel 5.13
linux linux_kernel 5.13


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27384800-AB48-4C08-891E-34B66F5FC4AA",
              "versionEndExcluding": "5.12.10",
              "versionStartIncluding": "5.11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: Fix memory leak in amd_sfh_work\n\nKmemleak tool detected a memory leak in the amd_sfh driver.\n\n====================\nunreferenced object 0xffff88810228ada0 (size 32):\n  comm \"insmod\", pid 3968, jiffies 4295056001 (age 775.792s)\n  hex dump (first 32 bytes):\n    00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de  . s.............\n    22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00  \"...............\n  backtrace:\n    [\u003c000000007b4c8799\u003e] kmem_cache_alloc_trace+0x163/0x4f0\n    [\u003c0000000005326893\u003e] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh]\n    [\u003c000000002a9e5ec4\u003e] amdtp_hid_request+0x62/0x80 [amd_sfh]\n    [\u003c00000000b8a95807\u003e] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub]\n    [\u003c00000000fda054ee\u003e] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common]\n    [\u003c0000000021279ecf\u003e] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d]\n    [\u003c00000000915760ce\u003e] platform_probe+0x6a/0xd0\n    [\u003c0000000060258a1f\u003e] really_probe+0x192/0x620\n    [\u003c00000000fa812f2d\u003e] driver_probe_device+0x14a/0x1d0\n    [\u003c000000005e79f7fd\u003e] __device_attach_driver+0xbd/0x110\n    [\u003c0000000070d15018\u003e] bus_for_each_drv+0xfd/0x160\n    [\u003c0000000013a3c312\u003e] __device_attach+0x18b/0x220\n    [\u003c000000008c7b4afc\u003e] device_initial_probe+0x13/0x20\n    [\u003c00000000e6e99665\u003e] bus_probe_device+0xfe/0x120\n    [\u003c00000000833fa90b\u003e] device_add+0x6a6/0xe00\n    [\u003c00000000fa901078\u003e] platform_device_add+0x180/0x380\n====================\n\nThe fix is to freeing request_list entry once the processed entry is\nremoved from the request_list."
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: amd_sfh: Reparar p\u00e9rdida de memoria en amd_sfh_work La herramienta Kmemleak detect\u00f3 una p\u00e9rdida de memoria en el controlador amd_sfh. ==================== objeto sin referencia 0xffff88810228ada0 (tama\u00f1o 32): comm \"insmod\", pid 3968, jiffies 4295056001 (edad 775,792 s) volcado hexadecimal (primeros 32 bytes) : 00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de . s................. 22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00 \"................. retroceso: [\u0026lt; 000000007b4c8799\u0026gt;] kmem_cache_alloc_trace+0x163/0x4f0 [\u0026lt;0000000005326893\u0026gt;] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh] [\u0026lt;000000002a9e5ec4\u0026gt;] amdtp_hid_request+0x6 2/0x80 [amd_sfh] [\u0026lt;00000000b8a95807\u0026gt;] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub] [\u0026lt;00000000fda054ee \u0026gt;] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common] [\u0026lt;0000000021279ecf\u0026gt;] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d] [\u0026lt;00000000915760ce\u0026gt;] platform_probe+0x6a/0xd0 [ \u0026lt;0000000060258a1f\u0026gt;] very_probe+0x192/0x620 [\u0026lt;00000000fa812f2d\u0026gt;] driver_probe_device+ 0x14a/0x1d0 [\u0026lt;000000005e79f7fd\u0026gt;] __device_attach_driver+0xbd/0x110 [\u0026lt;0000000070d15018\u0026gt;] bus_for_each_drv+0xfd/0x160 [\u0026lt;0000000013a3c312\u0026gt;] __device_attach+0x1 8b/0x220 [\u0026lt;000000008c7b4afc\u0026gt;] dispositivo_sonda_inicial+0x13/0x20 [\u0026lt;00000000e6e99665\u0026gt;] bus_probe_dispositivo+ 0xfe/0x120 [\u0026lt;00000000833fa90b\u0026gt;] device_add+0x6a6/0xe00 [\u0026lt;00000000fa901078\u0026gt;] platform_device_add+0x180/0x380 ===================== La soluci\u00f3n es liberar la entrada request_list una vez que la entrada procesada se elimina de request_list."
    }
  ],
  "id": "CVE-2021-47133",
  "lastModified": "2025-01-07T17:30:18.143",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-03-15T21:15:07.733",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-401"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.