vulnerability

SUSE: CVE-2021-47231: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
May 21, 2024
Added
Aug 9, 2024
Modified
Feb 18, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

can: mcba_usb: fix memory leak in mcba_usb

Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUS
Analyzer Tool. The problem was in unfreed usb_coherent.

In mcba_usb_start() 20 coherent buffers are allocated and there is
nothing, that frees them:

1) In callback function the urb is resubmitted and that's all
2) In disconnect function urbs are simply killed, but URB_FREE_BUFFER
is not set (see mcba_usb_start) and this flag cannot be used with
coherent buffers.

Fail log:
| [ 1354.053291][ T8413] mcba_usb 1-1:0.0 can0: device disconnected
| [ 1367.059384][ T8420] kmemleak: 20 new suspected memory leaks (see /sys/kernel/debug/kmem)

So, all allocated buffers should be freed with usb_free_coherent()
explicitly

NOTE:
The same pattern for allocating and freeing coherent buffers
is used in drivers/net/can/usb/kvaser_usb/kvaser_usb_core.c

Solutions

suse-upgrade-kernel-64kbsuse-upgrade-kernel-64kb-develsuse-upgrade-kernel-azuresuse-upgrade-kernel-azure-basesuse-upgrade-kernel-azure-develsuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-basesuse-upgrade-kernel-default-develsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-develsuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-macrossuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-preemptsuse-upgrade-kernel-preempt-develsuse-upgrade-kernel-sourcesuse-upgrade-kernel-source-azuresuse-upgrade-kernel-symssuse-upgrade-kernel-syms-azuresuse-upgrade-kernel-zfcpdumpsuse-upgrade-reiserfs-kmp-default

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today