CVE-2021-47455 in Linuxالمعلومات

الملخص

بحسب MITRE • 22/05/2024

In the Linux kernel, the following vulnerability has been resolved:

ptp: Fix possible memory leak in ptp_clock_register()

I got memory leak as follows when doing fault injection test:

unreferenced object 0xffff88800906c618 (size 8): comm "i2c-idt82p33931", pid 4421, jiffies 4294948083 (age 13.188s) hex dump (first 8 bytes): 70 74 70 30 00 00 00 00 ptp0.... backtrace: [] __kmalloc_track_caller+0x19f/0x3a0
[] kvasprintf+0xb5/0x150
[] kvasprintf_const+0x60/0x190
[] kobject_set_name_vargs+0x56/0x150
[] dev_set_name+0xc0/0x100
[] ptp_clock_register+0x9f4/0xd30 [ptp]
[] idt82p33_probe.cold+0x8b6/0x1561 [ptp_idt82p33]

When posix_clock_register() returns an error, the name allocated in dev_set_name() will be leaked, the put_device() should be used to give up the device reference, then the name will be freed in kobject_cleanup() and other memory will be freed in ptp_clock_release().

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

المصادر

Might our Artificial Intelligence support you?

Check our Alexa App!