Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2021-47173
HistoryMar 25, 2024 - 10:15 a.m.

CVE-2021-47173

2024-03-2510:15:09
CWE-401
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
35
linux kernel usb driver
memory leak
vulnerability

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

misc/uss720: fix memory leak in uss720_probe

uss720_probe forgets to decrease the refcount of usbdev in uss720_probe.
Fix this by decreasing the refcount of usbdev by usb_put_dev.

BUG: memory leak
unreferenced object 0xffff888101113800 (size 2048):
comm “kworker/0:1”, pid 7, jiffies 4294956777 (age 28.870s)
hex dump (first 32 bytes):
ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 …1…
00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 …
backtrace:
[<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline]
[<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline]
[<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582
[<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline]
[<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]
[<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline]
[<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591
[<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275
[<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421
[<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292
[<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Affected configurations

Vulners
NVD
Node
linuxlinux_kernelRange2.6.144.4.271
OR
linuxlinux_kernelRange4.5.04.9.271
OR
linuxlinux_kernelRange4.10.04.14.235
OR
linuxlinux_kernelRange4.15.04.19.193
OR
linuxlinux_kernelRange4.20.05.4.124
OR
linuxlinux_kernelRange5.5.05.10.42
OR
linuxlinux_kernelRange5.11.05.12.9
OR
linuxlinux_kernelRange5.13.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/usb/misc/uss720.c"
    ],
    "versions": [
      {
        "version": "0f36163d3abe",
        "lessThan": "5f46b2410db2",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "7889c70e6173",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "bcb30cc8f8be",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "386918878ce4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "36b5ff1db1a4",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "5394ae9d8c79",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "a3c3face38cb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "0f36163d3abe",
        "lessThan": "dcb4b8ad6a44",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/usb/misc/uss720.c"
    ],
    "versions": [
      {
        "version": "2.6.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "2.6.14",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.4.271",
        "lessThanOrEqual": "4.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.9.271",
        "lessThanOrEqual": "4.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.14.235",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.19.193",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.124",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.42",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.12.9",
        "lessThanOrEqual": "5.12.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.13",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

cvelist 1
redhatcve 1
debiancve 1
vulnrichment 1
ubuntucve 1
nvd 1
nessus 7
openvas 1
cvelist
cvelist
CVE-2021-47173 misc/uss720: fix memory leak in uss720_probe
2024-03-25 09:16:24
redhatcve
redhatcve
CVE-2021-47173
2024-03-25 17:54:36
debiancve
debiancve
CVE-2021-47173
2024-03-25 10:15:09
vulnrichment
vulnrichment
CVE-2021-47173 misc/uss720: fix memory leak in uss720_probe
2024-03-25 09:16:24
ubuntucve
ubuntucve
CVE-2021-47173
2024-03-25 00:00:00
nvd
nvd
CVE-2021-47173
2024-03-25 10:15:09
nessus
nessus
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:1454-1)
2024-04-29 00:00:00
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:1648-1)
2024-05-15 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1646-1)
2024-05-15 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1643-1)
2024-05-15 00:00:00

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2021-47173
cvelist1redhatcve1debiancve1vulnrichment1ubuntucve1nvd1nessus7openvas1