admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-471xx/CVE-2021-47133.json
cad-safe-bot 6d0c8a0fbe Auto-Update: 2025-01-07T19:00:35.982204+00:00
2025-01-07 19:03:59 +00:00

123 lines
6.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-47133",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-03-15T21:15:07.733",
"lastModified": "2025-01-07T17:30:18.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: Fix memory leak in amd_sfh_work\n\nKmemleak tool detected a memory leak in the amd_sfh driver.\n\n====================\nunreferenced object 0xffff88810228ada0 (size 32):\n comm \"insmod\", pid 3968, jiffies 4295056001 (age 775.792s)\n hex dump (first 32 bytes):\n 00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de . s.............\n 22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00 \"...............\n backtrace:\n [<000000007b4c8799>] kmem_cache_alloc_trace+0x163/0x4f0\n [<0000000005326893>] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh]\n [<000000002a9e5ec4>] amdtp_hid_request+0x62/0x80 [amd_sfh]\n [<00000000b8a95807>] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub]\n [<00000000fda054ee>] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common]\n [<0000000021279ecf>] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d]\n [<00000000915760ce>] platform_probe+0x6a/0xd0\n [<0000000060258a1f>] really_probe+0x192/0x620\n [<00000000fa812f2d>] driver_probe_device+0x14a/0x1d0\n [<000000005e79f7fd>] __device_attach_driver+0xbd/0x110\n [<0000000070d15018>] bus_for_each_drv+0xfd/0x160\n [<0000000013a3c312>] __device_attach+0x18b/0x220\n [<000000008c7b4afc>] device_initial_probe+0x13/0x20\n [<00000000e6e99665>] bus_probe_device+0xfe/0x120\n [<00000000833fa90b>] device_add+0x6a6/0xe00\n [<00000000fa901078>] platform_device_add+0x180/0x380\n====================\n\nThe fix is to freeing request_list entry once the processed entry is\nremoved from the request_list."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: HID: amd_sfh: Reparar p\u00e9rdida de memoria en amd_sfh_work La herramienta Kmemleak detect\u00f3 una p\u00e9rdida de memoria en el controlador amd_sfh. ==================== objeto sin referencia 0xffff88810228ada0 (tama\u00f1o 32): comm \"insmod\", pid 3968, jiffies 4295056001 (edad 775,792 s) volcado hexadecimal (primeros 32 bytes) : 00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de . s................. 22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00 \"................. retroceso: [&lt; 000000007b4c8799&gt;] kmem_cache_alloc_trace+0x163/0x4f0 [&lt;0000000005326893&gt;] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh] [&lt;000000002a9e5ec4&gt;] amdtp_hid_request+0x6 2/0x80 [amd_sfh] [&lt;00000000b8a95807&gt;] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub] [&lt;00000000fda054ee &gt;] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common] [&lt;0000000021279ecf&gt;] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d] [&lt;00000000915760ce&gt;] platform_probe+0x6a/0xd0 [ &lt;0000000060258a1f&gt;] very_probe+0x192/0x620 [&lt;00000000fa812f2d&gt;] driver_probe_device+ 0x14a/0x1d0 [&lt;000000005e79f7fd&gt;] __device_attach_driver+0xbd/0x110 [&lt;0000000070d15018&gt;] bus_for_each_drv+0xfd/0x160 [&lt;0000000013a3c312&gt;] __device_attach+0x1 8b/0x220 [&lt;000000008c7b4afc&gt;] dispositivo_sonda_inicial+0x13/0x20 [&lt;00000000e6e99665&gt;] bus_probe_dispositivo+ 0xfe/0x120 [&lt;00000000833fa90b&gt;] device_add+0x6a6/0xe00 [&lt;00000000fa901078&gt;] platform_device_add+0x180/0x380 ===================== La soluci\u00f3n es liberar la entrada request_list una vez que la entrada procesada se elimina de request_list."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.12.10",
"matchCriteriaId": "27384800-AB48-4C08-891E-34B66F5FC4AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc2:*:*:*:*:*:*",
"matchCriteriaId": "96AC23B2-D46A-49D9-8203-8E1BEDCA8532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc3:*:*:*:*:*:*",
"matchCriteriaId": "DA610E30-717C-4700-9F77-A3C9244F3BFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.13:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1ECD33F5-85BE-430B-8F86-8D7BD560311D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/29beadea66a226d744d5ffdcde6b984623053d24",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "https://git.kernel.org/stable/c/5ad755fd2b326aa2bc8910b0eb351ee6aece21b1",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink