CVE-2021-47258 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix error handling of scsi_host_alloc() After device is initialized via device_initialize(), or its name is set via dev_set_name(), the device has to be freed via put_device(). Otherwise device name will be leaked because it is allocated dynamically in dev_set_name(). Fix the leak by replacing kfree() with put_device(). Since scsi_host_dev_release() properly handles IDA and kthread removal, remove special-casing these from the error handling as well.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a
https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7
https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006
https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8
https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11
https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a
https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66
https://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47258-f276@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47258
https://www.cve.org/CVERecord?id=CVE-2021-47258

History

No history.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T14:19:52.082Z

Updated: 2024-11-04T12:02:27.618Z

Reserved: 2024-04-10T18:59:19.540Z

Link: CVE-2021-47258

Vulnrichment

Updated: 2024-08-04T05:32:07.870Z

NVD

Status : Awaiting Analysis

Published: 2024-05-21T15:15:14.537

Modified: 2024-05-21T16:54:26.047

Link: CVE-2021-47258

Redhat

Severity : Low

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2021-47258 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47258", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-04-10T18:59:19.540Z", "datePublished": "2024-05-21T14:19:52.082Z", "dateUpdated": "2024-11-04T12:02:27.618Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T12:02:27.618Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix error handling of scsi_host_alloc()\n\nAfter device is initialized via device_initialize(), or its name is set via\ndev_set_name(), the device has to be freed via put_device(). Otherwise\ndevice name will be leaked because it is allocated dynamically in\ndev_set_name().\n\nFix the leak by replacing kfree() with put_device(). Since\nscsi_host_dev_release() properly handles IDA and kthread removal, remove\nspecial-casing these from the error handling as well."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/hosts.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "8958181c1663", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "db08ce595dd6", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "2dc85045ae65", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "79296e292d67", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "7a696ce1d5d1", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "45d83db47281", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "66a834d09293", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/scsi/hosts.c"], "versions": [{"version": "4.9.273", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.237", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.195", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.126", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.44", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.12.11", "lessThanOrEqual": "5.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a"}, {"url": "https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66"}, {"url": "https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a"}, {"url": "https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8"}, {"url": "https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11"}, {"url": "https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7"}, {"url": "https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006"}], "title": "scsi: core: Fix error handling of scsi_host_alloc()", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47258", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T18:04:09.968762Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:14:07.335Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.870Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:32:07.870Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47258", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T18:04:09.968762Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T18:04:14.773Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "scsi: core: Fix error handling of scsi_host_alloc()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "8958181c1663", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "db08ce595dd6", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "2dc85045ae65", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "79296e292d67", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "7a696ce1d5d1", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "45d83db47281", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "66a834d09293", "versionType": "git"}], "programFiles": ["drivers/scsi/hosts.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "4.9.273", "versionType": "custom", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.237", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.195", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.126", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.44", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.12.11", "versionType": "custom", "lessThanOrEqual": "5.12.*"}, {"status": "unaffected", "version": "5.13", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/scsi/hosts.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a"}, {"url": "https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66"}, {"url": "https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a"}, {"url": "https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8"}, {"url": "https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11"}, {"url": "https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7"}, {"url": "https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix error handling of scsi_host_alloc()\n\nAfter device is initialized via device_initialize(), or its name is set via\ndev_set_name(), the device has to be freed via put_device(). Otherwise\ndevice name will be leaked because it is allocated dynamically in\ndev_set_name().\n\nFix the leak by replacing kfree() with put_device(). Since\nscsi_host_dev_release() properly handles IDA and kthread removal, remove\nspecial-casing these from the error handling as well."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:04:49.255Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47258", "state": "PUBLISHED", "dateUpdated": "2024-08-04T05:32:07.870Z", "dateReserved": "2024-04-10T18:59:19.540Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T14:19:52.082Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix error handling of scsi_host_alloc()\n\nAfter device is initialized via device_initialize(), or its name is set via\ndev_set_name(), the device has to be freed via put_device(). Otherwise\ndevice name will be leaked because it is allocated dynamically in\ndev_set_name().\n\nFix the leak by replacing kfree() with put_device(). Since\nscsi_host_dev_release() properly handles IDA and kthread removal, remove\nspecial-casing these from the error handling as well."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: core: corrige el manejo de errores de scsi_host_alloc(). Despu\u00e9s de que el dispositivo se inicializa mediante device_initialize(), o su nombre se establece mediante dev_set_name(), el dispositivo debe liberarse mediante put_device (). De lo contrario, se filtrar\u00e1 el nombre del dispositivo porque se asigna din\u00e1micamente en dev_set_name(). Solucione la fuga reemplazando kfree() con put_device(). Dado que scsi_host_dev_release() maneja adecuadamente la eliminaci\u00f3n de IDA y kthread, elimine tambi\u00e9n estas may\u00fasculas y min\u00fasculas especiales del manejo de errores."}], "id": "CVE-2021-47258", "lastModified": "2024-05-21T16:54:26.047", "metrics": {}, "published": "2024-05-21T15:15:14.537", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2dc85045ae65b9302a1d2e2ddd7ce4c030153a6a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/45d83db4728127944b237c0c8248987df9d478e7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/66a834d092930cf41d809c0e989b13cd6f9ca006"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/79296e292d67fa7b5fb8d8c27343683e823872c8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7a696ce1d5d16a33a6cd6400bbcc0339b2460e11"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8958181c1663e24a13434448e7d6b96b5d04900a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/db08ce595dd64ea9859f7d088b51cbfc8e685c66"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: scsi: core: Fix error handling of scsi_host_alloc()", "id": "2282549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282549"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nscsi: core: Fix error handling of scsi_host_alloc()\nAfter device is initialized via device_initialize(), or its name is set via\ndev_set_name(), the device has to be freed via put_device(). Otherwise\ndevice name will be leaked because it is allocated dynamically in\ndev_set_name().\nFix the leak by replacing kfree() with put_device(). Since\nscsi_host_dev_release() properly handles IDA and kthread removal, remove\nspecial-casing these from the error handling as well."], "name": "CVE-2021-47258", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47258\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47258\nhttps://lore.kernel.org/linux-cve-announce/2024052146-CVE-2021-47258-f276@gregkh/T"], "threat_severity": "Low", "upstream_fix": "kernel 4.9.273, kernel 4.14.237, kernel 4.19.195, kernel 5.4.126, kernel 5.10.44, kernel 5.12.11, kernel 5.13"}