{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47054", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-29T22:33:44.293Z", "datePublished": "2024-02-29T22:37:29.140Z", "dateUpdated": "2024-08-04T05:24:39.625Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:01:18.553Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: qcom: Put child node before return\n\nPut child node before return to fix potential reference count leak.\nGenerally, the reference count of child is incremented and decremented\nautomatically in the macro for_each_available_child_of_node() and should\nbe decremented manually if the loop is broken in loop body."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/bus/qcom-ebi2.c"], "versions": [{"version": "335a12754808", "lessThan": "a6191e91c10e", "status": "affected", "versionType": "git"}, {"version": "335a12754808", "lessThan": "94810fc52925", "status": "affected", "versionType": "git"}, {"version": "335a12754808", "lessThan": "a399dd80e697", "status": "affected", "versionType": "git"}, {"version": "335a12754808", "lessThan": "3a76ec28824c", "status": "affected", "versionType": "git"}, {"version": "335a12754808", "lessThan": "00f6abd3509b", "status": "affected", "versionType": "git"}, {"version": "335a12754808", "lessThan": "6b68c03dfc79", "status": "affected", "versionType": "git"}, {"version": "335a12754808", "lessThan": "c6f8e0dc8da1", "status": "affected", "versionType": "git"}, {"version": "335a12754808", "lessThan": "ac6ad7c2a862", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/bus/qcom-ebi2.c"], "versions": [{"version": "4.9", "status": "affected"}, {"version": "0", "lessThan": "4.9", "status": "unaffected", "versionType": "custom"}, {"version": "4.9.269", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.233", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.191", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.119", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.37", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.11.21", "lessThanOrEqual": "5.11.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.12.4", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/a6191e91c10e50bd51db65a00e03d02b6b0cf8c4"}, {"url": "https://git.kernel.org/stable/c/94810fc52925eb122a922df7f9966cf3f4ba7391"}, {"url": "https://git.kernel.org/stable/c/a399dd80e697a02cfb23e2fc09b87849994043d9"}, {"url": "https://git.kernel.org/stable/c/3a76ec28824c01b57aa1f0927841d75e4f167cb8"}, {"url": "https://git.kernel.org/stable/c/00f6abd3509b1d70d0ab0fbe65ce5685cebed8be"}, {"url": "https://git.kernel.org/stable/c/6b68c03dfc79cd95a58dfd03f91f6e82829a1b0c"}, {"url": "https://git.kernel.org/stable/c/c6f8e0dc8da1cd78d640dee392071cc2326ec1b2"}, {"url": "https://git.kernel.org/stable/c/ac6ad7c2a862d682bb584a4bc904d89fa7721af8"}], "title": "bus: qcom: Put child node before return", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47054", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-06T19:38:43.241210Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:14:21.965Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.625Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a6191e91c10e50bd51db65a00e03d02b6b0cf8c4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94810fc52925eb122a922df7f9966cf3f4ba7391", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a399dd80e697a02cfb23e2fc09b87849994043d9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3a76ec28824c01b57aa1f0927841d75e4f167cb8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/00f6abd3509b1d70d0ab0fbe65ce5685cebed8be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6b68c03dfc79cd95a58dfd03f91f6e82829a1b0c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6f8e0dc8da1cd78d640dee392071cc2326ec1b2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ac6ad7c2a862d682bb584a4bc904d89fa7721af8", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a6191e91c10e50bd51db65a00e03d02b6b0cf8c4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/94810fc52925eb122a922df7f9966cf3f4ba7391", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a399dd80e697a02cfb23e2fc09b87849994043d9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3a76ec28824c01b57aa1f0927841d75e4f167cb8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/00f6abd3509b1d70d0ab0fbe65ce5685cebed8be", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6b68c03dfc79cd95a58dfd03f91f6e82829a1b0c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c6f8e0dc8da1cd78d640dee392071cc2326ec1b2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ac6ad7c2a862d682bb584a4bc904d89fa7721af8", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:24:39.625Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47054", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-06T19:38:43.241210Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:16.166Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "bus: qcom: Put child node before return", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "335a12754808", "lessThan": "a6191e91c10e", "versionType": "git"}, {"status": "affected", "version": "335a12754808", "lessThan": "94810fc52925", "versionType": "git"}, {"status": "affected", "version": "335a12754808", "lessThan": "a399dd80e697", "versionType": "git"}, {"status": "affected", "version": "335a12754808", "lessThan": "3a76ec28824c", "versionType": "git"}, {"status": "affected", "version": "335a12754808", "lessThan": "00f6abd3509b", "versionType": "git"}, {"status": "affected", "version": "335a12754808", "lessThan": "6b68c03dfc79", "versionType": "git"}, {"status": "affected", "version": "335a12754808", "lessThan": "c6f8e0dc8da1", "versionType": "git"}, {"status": "affected", "version": "335a12754808", "lessThan": "ac6ad7c2a862", "versionType": "git"}], "programFiles": ["drivers/bus/qcom-ebi2.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.9"}, {"status": "unaffected", "version": "0", "lessThan": "4.9", "versionType": "custom"}, {"status": "unaffected", "version": "4.9.269", "versionType": "custom", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.233", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.191", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.119", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.37", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.11.21", "versionType": "custom", "lessThanOrEqual": "5.11.*"}, {"status": "unaffected", "version": "5.12.4", "versionType": "custom", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/bus/qcom-ebi2.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a6191e91c10e50bd51db65a00e03d02b6b0cf8c4"}, {"url": "https://git.kernel.org/stable/c/94810fc52925eb122a922df7f9966cf3f4ba7391"}, {"url": "https://git.kernel.org/stable/c/a399dd80e697a02cfb23e2fc09b87849994043d9"}, {"url": "https://git.kernel.org/stable/c/3a76ec28824c01b57aa1f0927841d75e4f167cb8"}, {"url": "https://git.kernel.org/stable/c/00f6abd3509b1d70d0ab0fbe65ce5685cebed8be"}, {"url": "https://git.kernel.org/stable/c/6b68c03dfc79cd95a58dfd03f91f6e82829a1b0c"}, {"url": "https://git.kernel.org/stable/c/c6f8e0dc8da1cd78d640dee392071cc2326ec1b2"}, {"url": "https://git.kernel.org/stable/c/ac6ad7c2a862d682bb584a4bc904d89fa7721af8"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: qcom: Put child node before return\n\nPut child node before return to fix potential reference count leak.\nGenerally, the reference count of child is incremented and decremented\nautomatically in the macro for_each_available_child_of_node() and should\nbe decremented manually if the loop is broken in loop body."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:01:18.553Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47054", "state": "PUBLISHED", "dateUpdated": "2024-08-04T05:24:39.625Z", "dateReserved": "2024-02-29T22:33:44.293Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-29T22:37:29.140Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: qcom: Put child node before return\n\nPut child node before return to fix potential reference count leak.\nGenerally, the reference count of child is incremented and decremented\nautomatically in the macro for_each_available_child_of_node() and should\nbe decremented manually if the loop is broken in loop body."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: bus: qcom: Colocar el nodo secundario antes del retorno. Colocar el nodo secundario antes del retorno para corregir una posible p\u00e9rdida del recuento de referencias. Generalmente, el recuento de referencia del ni\u00f1o se incrementa y disminuye autom\u00e1ticamente en la macro for_each_available_child_of_node() y debe disminuirse manualmente si el bucle se rompe en el cuerpo del bucle."}], "id": "CVE-2021-47054", "lastModified": "2024-03-01T14:04:26.010", "metrics": {}, "published": "2024-02-29T23:15:07.413", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/00f6abd3509b1d70d0ab0fbe65ce5685cebed8be"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3a76ec28824c01b57aa1f0927841d75e4f167cb8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6b68c03dfc79cd95a58dfd03f91f6e82829a1b0c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/94810fc52925eb122a922df7f9966cf3f4ba7391"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a399dd80e697a02cfb23e2fc09b87849994043d9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a6191e91c10e50bd51db65a00e03d02b6b0cf8c4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ac6ad7c2a862d682bb584a4bc904d89fa7721af8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c6f8e0dc8da1cd78d640dee392071cc2326ec1b2"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: bus: qcom: memory leak while put child node before return", "id": "2267187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267187"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-401", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nbus: qcom: Put child node before return\nPut child node before return to fix potential reference count leak.\nGenerally, the reference count of child is incremented and decremented\nautomatically in the macro for_each_available_child_of_node() and should\nbe decremented manually if the loop is broken in loop body."], "name": "CVE-2021-47054", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47054\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47054\nhttps://lore.kernel.org/linux-cve-announce/2024022950-CVE-2021-47054-c994@gregkh/T/#u"], "statement": "Red Hat Enterprise Linux 8 and 9 are not affected by this vulnerability.", "threat_severity": "Low", "upstream_fix": "kernel 4.9.269, kernel 4.14.233, kernel 4.19.191, kernel 5.4.119, kernel 5.10.37, kernel 5.11.21, kernel 5.12.4, kernel 5.13"}