CVE-2021-47171

CVSS v3.1 5.5 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 18

NVD Status Analyzed

In the Linux kernel, the following vulnerability has been resolved:

net: usb: fix memory leak in smsc75xx_bind

Syzbot reported memory leak in smsc75xx_bind().
The problem was is non-freed memory in case of
errors after memory allocation.

backtrace:
[<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline]
[<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline]
[<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460
[<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728

Weaknesses

CWE-401: Missing Release of Memory after Effective Lifetime

CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: kernel.org
Published Date: 2024-03-25 10:15:08
(5 months ago)
Updated Date: 2024-05-16 21:15:30
(4 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 2.6.34 version and prior 4.4.271 version	cpe:2.3:o:linux:linux_kernel	>= 2.6.34	< 4.4.271
Linux Kernel from 4.5 version and prior 4.9.271 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.9.271
Linux Kernel from 4.10 version and prior 4.14.235 version	cpe:2.3:o:linux:linux_kernel	>= 4.10	< 4.14.235
Linux Kernel from 4.15 version and prior 4.19.193 version	cpe:2.3:o:linux:linux_kernel	>= 4.15	< 4.19.193
Linux Kernel from 4.20 version and prior 5.4.124 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.4.124
Linux Kernel from 5.5 version and prior 5.10.42 version	cpe:2.3:o:linux:linux_kernel	>= 5.5	< 5.10.42
Linux Kernel from 5.11 version and prior 5.12.9 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.12.9