cve/2021/CVE-2021-47170.md

### [CVE-2021-47170](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-47170)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=1da177e4c3f41524e886b7f1b8a0c1fc7321cac2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:USB: usbfs: Don't WARN about excessively large memory allocationsSyzbot found that the kernel generates a WARNing if the user tries tosubmit a bulk transfer through usbfs with a buffer that is way toolarge.  This isn't a bug in the kernel; it's merely an invalid requestfrom the user and the usbfs code does handle it correctly.In theory the same thing can happen with async transfers, or with thepacket descriptor table for isochronous transfers.To prevent the MM subsystem from complaining about these badallocation requests, add the __GFP_NOWARN flag to the kmalloc callsfor these buffers.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cve-scores