vulnerability

SUSE: CVE-2021-47237: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	05/21/2024	08/09/2024	01/28/2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

05/21/2024

Added

08/09/2024

Modified

01/28/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: hamradio: fix memory leak in mkiss_close

My local syzbot instance hit memory leak in
mkiss_open()[1]. The problem was in missing
free_netdev() in mkiss_close().

In mkiss_open() netdevice is allocated and then
registered, but in mkiss_close() netdevice was
only unregistered, but not freed.

Fail log:

BUG: memory leak
unreferenced object 0xffff8880281ba000 (size 4096):
comm "syz-executor.1", pid 11443, jiffies 4295046091 (age 17.660s)
hex dump (first 32 bytes):
61 78 30 00 00 00 00 00 00 00 00 00 00 00 00 00 ax0.............
00 27 fa 2a 80 88 ff ff 00 00 00 00 00 00 00 00 .'.*............
backtrace:
[] kvmalloc_node+0x61/0xf0
[] alloc_netdev_mqs+0x98/0xe80
[] mkiss_open+0xb2/0x6f0 [1]
[] tty_ldisc_open+0x9b/0x110
[] tty_set_ldisc+0x2e8/0x670
[] tty_ioctl+0xda3/0x1440
[] __x64_sys_ioctl+0x193/0x200
[] do_syscall_64+0x3a/0xb0
[] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff8880141a9a00 (size 96):
comm "syz-executor.1", pid 11443, jiffies 4295046091 (age 17.660s)
hex dump (first 32 bytes):
e8 a2 1b 28 80 88 ff ff e8 a2 1b 28 80 88 ff ff ...(.......(....
98 92 9c aa b0 40 02 00 00 00 00 00 00 00 00 00 .....@..........
backtrace:
[] __hw_addr_create_ex+0x5b/0x310
[] __hw_addr_add_ex+0x1f8/0x2b0
[] dev_addr_init+0x10b/0x1f0
[] alloc_netdev_mqs+0x13b/0xe80
[] mkiss_open+0xb2/0x6f0 [1]
[] tty_ldisc_open+0x9b/0x110
[] tty_set_ldisc+0x2e8/0x670
[] tty_ioctl+0xda3/0x1440
[] __x64_sys_ioctl+0x193/0x200
[] do_syscall_64+0x3a/0xb0
[] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff8880219bfc00 (size 512):
comm "syz-executor.1", pid 11443, jiffies 4295046091 (age 17.660s)
hex dump (first 32 bytes):
00 a0 1b 28 80 88 ff ff 80 8f b1 8d ff ff ff ff ...(............
80 8f b1 8d ff ff ff ff 00 00 00 00 00 00 00 00 ................
backtrace:
[] kvmalloc_node+0x61/0xf0
[] alloc_netdev_mqs+0x777/0xe80
[] mkiss_open+0xb2/0x6f0 [1]
[] tty_ldisc_open+0x9b/0x110
[] tty_set_ldisc+0x2e8/0x670
[] tty_ioctl+0xda3/0x1440
[] __x64_sys_ioctl+0x193/0x200
[] do_syscall_64+0x3a/0xb0
[] entry_SYSCALL_64_after_hwframe+0x44/0xae

BUG: memory leak
unreferenced object 0xffff888029b2b200 (size 256):
comm "syz-executor.1", pid 11443, jiffies 4295046091 (age 17.660s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[] kvmalloc_node+0x61/0xf0
[] alloc_netdev_mqs+0x912/0xe80
[] mkiss_open+0xb2/0x6f0 [1]
[] tty_ldisc_open+0x9b/0x110
[] tty_set_ldisc+0x2e8/0x670
[] tty_ioctl+0xda3/0x1440
[] __x64_sys_ioctl+0x193/0x200
[] do_syscall_64+0x3a/0xb0
[] entry_SYSCALL_64_after_hwframe+0x44/0xae

Solution(s)

suse-upgrade-kernel-64kbsuse-upgrade-kernel-64kb-develsuse-upgrade-kernel-azuresuse-upgrade-kernel-azure-basesuse-upgrade-kernel-azure-develsuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-basesuse-upgrade-kernel-default-develsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-develsuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-macrossuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-preemptsuse-upgrade-kernel-preempt-develsuse-upgrade-kernel-sourcesuse-upgrade-kernel-source-azuresuse-upgrade-kernel-symssuse-upgrade-kernel-syms-azuresuse-upgrade-kernel-zfcpdumpsuse-upgrade-reiserfs-kmp-default

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today