Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2021-47472

May 22, 2024, 12:46 p.m.

Product(s) Impacted

Linux kernel

Description

In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: Fix memory leak in __mdiobus_register Once device_register() failed, we should call put_device() to decrement reference count for cleanup. Or it will cause memory leak. BUG: memory leak unreferenced object 0xffff888114032e00 (size 256): comm "kworker/1:3", pid 2960, jiffies 4294943572 (age 15.920s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 08 2e 03 14 81 88 ff ff ................ 08 2e 03 14 81 88 ff ff 90 76 65 82 ff ff ff ff .........ve..... backtrace: [<ffffffff8265cfab>] kmalloc include/linux/slab.h:591 [inline] [<ffffffff8265cfab>] kzalloc include/linux/slab.h:721 [inline] [<ffffffff8265cfab>] device_private_init drivers/base/core.c:3203 [inline] [<ffffffff8265cfab>] device_add+0x89b/0xdf0 drivers/base/core.c:3253 [<ffffffff828dd643>] __mdiobus_register+0xc3/0x450 drivers/net/phy/mdio_bus.c:537 [<ffffffff828cb835>] __devm_mdiobus_register+0x75/0xf0 drivers/net/phy/mdio_devres.c:87 [<ffffffff82b92a00>] ax88772_init_mdio drivers/net/usb/asix_devices.c:676 [inline] [<ffffffff82b92a00>] ax88772_bind+0x330/0x480 drivers/net/usb/asix_devices.c:786 [<ffffffff82baa33f>] usbnet_probe+0x3ff/0xdf0 drivers/net/usb/usbnet.c:1745 [<ffffffff82c36e17>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396 [<ffffffff82661d17>] call_driver_probe drivers/base/dd.c:517 [inline] [<ffffffff82661d17>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596 [<ffffffff826620bc>] really_probe drivers/base/dd.c:558 [inline] [<ffffffff826620bc>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:751 [<ffffffff826621ba>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:781 [<ffffffff82662a26>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:898 [<ffffffff8265eca7>] bus_for_each_drv+0xb7/0x100 drivers/base/bus.c:427 [<ffffffff826625a2>] __device_attach+0x122/0x260 drivers/base/dd.c:969 [<ffffffff82660916>] bus_probe_device+0xc6/0xe0 drivers/base/bus.c:487 [<ffffffff8265cd0b>] device_add+0x5fb/0xdf0 drivers/base/core.c:3359 [<ffffffff82c343b9>] usb_set_configuration+0x9d9/0xb90 drivers/usb/core/message.c:2170 [<ffffffff82c4473c>] usb_generic_driver_probe+0x8c/0xc0 drivers/usb/core/generic.c:238 BUG: memory leak unreferenced object 0xffff888116f06900 (size 32): comm "kworker/0:2", pid 2670, jiffies 4294944448 (age 7.160s) hex dump (first 32 bytes): 75 73 62 2d 30 30 31 3a 30 30 33 00 00 00 00 00 usb-001:003..... 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<ffffffff81484516>] kstrdup+0x36/0x70 mm/util.c:60 [<ffffffff814845a3>] kstrdup_const+0x53/0x80 mm/util.c:83 [<ffffffff82296ba2>] kvasprintf_const+0xc2/0x110 lib/kasprintf.c:48 [<ffffffff82358d4b>] kobject_set_name_vargs+0x3b/0xe0 lib/kobject.c:289 [<ffffffff826575f3>] dev_set_name+0x63/0x90 drivers/base/core.c:3147 [<ffffffff828dd63b>] __mdiobus_register+0xbb/0x450 drivers/net/phy/mdio_bus.c:535 [<ffffffff828cb835>] __devm_mdiobus_register+0x75/0xf0 drivers/net/phy/mdio_devres.c:87 [<ffffffff82b92a00>] ax88772_init_mdio drivers/net/usb/asix_devices.c:676 [inline] [<ffffffff82b92a00>] ax88772_bind+0x330/0x480 drivers/net/usb/asix_devices.c:786 [<ffffffff82baa33f>] usbnet_probe+0x3ff/0xdf0 drivers/net/usb/usbnet.c:1745 [<ffffffff82c36e17>] usb_probe_interface+0x177/0x370 drivers/usb/core/driver.c:396 [<ffffffff82661d17>] call_driver_probe drivers/base/dd.c:517 [inline] [<ffffffff82661d17>] really_probe.part.0+0xe7/0x380 drivers/base/dd.c:596 [<ffffffff826620bc>] really_probe drivers/base/dd.c:558 [inline] [<ffffffff826620bc>] __driver_probe_device+0x10c/0x1e0 drivers/base/dd.c:751 [<ffffffff826621ba>] driver_probe_device+0x2a/0x120 drivers/base/dd.c:781 [<ffffffff82662a26>] __device_attach_driver+0xf6/0x140 drivers/base/dd.c:898 [<ffffffff8265eca7>] bus_for_each ---truncated---

Weaknesses

Date

Published: May 22, 2024, 7:15 a.m.

Last Modified: May 22, 2024, 12:46 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

References

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67

https://git.kernel.org/ 416baaa9-dc9f-4396-8d5f-8c081fb06d67