Resource Leak Affecting kernel-bootwrapper package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL7-KERNELBOOTWRAPPER-6498333
- published 26 Mar 2024
- disclosed 25 Mar 2024
Introduced: 25 Mar 2024
CVE-2021-47173 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:7
kernel-bootwrapper
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-bootwrapper
package and not the kernel-bootwrapper
package as distributed by RHEL
.
See How to fix?
for RHEL:7
relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
misc/uss720: fix memory leak in uss720_probe
uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev.
BUG: memory leak unreferenced object 0xffff888101113800 (size 2048): comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s) hex dump (first 32 bytes): ff ff ff ff 31 00 00 00 00 00 00 00 00 00 00 00 ....1........... 00 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 ................ backtrace: [<ffffffff82b8e822>] kmalloc include/linux/slab.h:554 [inline] [<ffffffff82b8e822>] kzalloc include/linux/slab.h:684 [inline] [<ffffffff82b8e822>] usb_alloc_dev+0x32/0x450 drivers/usb/core/usb.c:582 [<ffffffff82b98441>] hub_port_connect drivers/usb/core/hub.c:5129 [inline] [<ffffffff82b98441>] hub_port_connect_change drivers/usb/core/hub.c:5363 [inline] [<ffffffff82b98441>] port_event drivers/usb/core/hub.c:5509 [inline] [<ffffffff82b98441>] hub_event+0x1171/0x20c0 drivers/usb/core/hub.c:5591 [<ffffffff81259229>] process_one_work+0x2c9/0x600 kernel/workqueue.c:2275 [<ffffffff81259b19>] worker_thread+0x59/0x5d0 kernel/workqueue.c:2421 [<ffffffff81261228>] kthread+0x178/0x1b0 kernel/kthread.c:292 [<ffffffff8100227f>] ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294
References
- https://access.redhat.com/security/cve/CVE-2021-47173
- https://git.kernel.org/stable/c/36b5ff1db1a4ef4fdbc2bae364344279f033ad88
- https://git.kernel.org/stable/c/386918878ce4cd676e4607233866e03c9399a46a
- https://git.kernel.org/stable/c/5394ae9d8c7961dd93807fdf1b12a1dde96b0a55
- https://git.kernel.org/stable/c/5f46b2410db2c8f26b8bb91b40deebf4ec184391
- https://git.kernel.org/stable/c/7889c70e6173ef358f3cd7578db127a489035a42
- https://git.kernel.org/stable/c/a3c3face38cb49932c62adcc1289914f1c742096
- https://git.kernel.org/stable/c/bcb30cc8f8befcbdbcf7a016e4dfd4747c54a364
- https://git.kernel.org/stable/c/dcb4b8ad6a448532d8b681b5d1a7036210b622de