CVE-2021-47171
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline] [<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline] [<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460 [<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728
CVSS Metrics
- v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Trends
Current EPSS score: 0.01%• Percentile: 2%
Techniques & Countermeasures
- CWE-401•Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Affected Systems
- linux•linux
≥ d0cad871703b898a442e4049c532ec39168e5b57, < 200dbfcad8011e50c3cec269ed7b980836eeb1fa | ≥ d0cad871703b898a442e4049c532ec39168e5b57, < 22c840596af0c09068b6cf948616e6496e59e07f | ≥ d0cad871703b898a442e4049c532ec39168e5b57, < 9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc | ≥ d0cad871703b898a442e4049c532ec39168e5b57, < 9e6a3eccb28779710cbbafc4f4258d92509c6d07 | ≥ d0cad871703b898a442e4049c532ec39168e5b57, < b95fb96e6339e34694dd578fb6bde3575b01af17 | ≥ d0cad871703b898a442e4049c532ec39168e5b57, < 635ac38b36255d3cfb8312cf7c471334f4d537e0 | ≥ d0cad871703b898a442e4049c532ec39168e5b57, < 70c886ac93f87ae7214a0c69151a28a8075dd95b | ≥ d0cad871703b898a442e4049c532ec39168e5b57, < 46a8b29c6306d8bbfd92b614ef65a47c900d8e70 | 2.6.34
- linux•linux_kernel
≥ 2.6.34, < 4.4.271 | ≥ 4.5, < 4.9.271 | ≥ 4.10, < 4.14.235 | ≥ 4.15, < 4.19.193 | ≥ 4.20, < 5.4.124 | ≥ 5.5, < 5.10.42 | ≥ 5.11, < 5.12.9
References (8)
- https://git.kernel.org/stable/c/200dbfcad8011e50c3cec269ed7b980836eeb1fa
- https://git.kernel.org/stable/c/22c840596af0c09068b6cf948616e6496e59e07f
- https://git.kernel.org/stable/c/9e6b8c1ff9d997e1fa16cbd2d60739adf6dc1bbc
- https://git.kernel.org/stable/c/9e6a3eccb28779710cbbafc4f4258d92509c6d07
- https://git.kernel.org/stable/c/b95fb96e6339e34694dd578fb6bde3575b01af17
- https://git.kernel.org/stable/c/635ac38b36255d3cfb8312cf7c471334f4d537e0
- https://git.kernel.org/stable/c/70c886ac93f87ae7214a0c69151a28a8075dd95b
- https://git.kernel.org/stable/c/46a8b29c6306d8bbfd92b614ef65a47c900d8e70