CVE-2021-47405 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: free raw_report buffers in usbhid_stop Free the unsent raw_report buffers when the device is removed. Fixes a memory leak reported by syzbot at: https://syzkaller.appspot.com/bug?id=7b4fa7cb1a7c2d3342a2a8a6c53371c8c418ab47

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2b704864c92dcec2b295f276fcfbfb81d9831f81
https://git.kernel.org/stable/c/764ac04de056801dfe52a716da63f6e7018e7f3b
https://git.kernel.org/stable/c/7ce4e49146612261265671b1d30d117139021030
https://git.kernel.org/stable/c/965147067fa1bedff3ae1f07ce3f89f1a14d2df3
https://git.kernel.org/stable/c/c3156fea4d8a0e643625dff69a0421e872d1fdae
https://git.kernel.org/stable/c/efc5c8d29256955cc90d8d570849b2d6121ed09f
https://git.kernel.org/stable/c/f7744fa16b96da57187dc8e5634152d3b63d72de
https://git.kernel.org/stable/c/f7ac4d24e1610b92689946fa88177673f1e88a3f
https://lore.kernel.org/linux-cve-announce/2024052150-CVE-2021-47405-b693@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2021-47405
https://www.cve.org/CVERecord?id=CVE-2021-47405

History

Mon, 04 Nov 2024 12:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 12 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-21T15:03:58.680Z

Updated: 2024-11-04T12:05:17.800Z

Reserved: 2024-05-21T14:58:30.816Z

Link: CVE-2021-47405

Vulnrichment

Updated: 2024-08-04T05:39:59.329Z

NVD

Status : Awaiting Analysis

Published: 2024-05-21T15:15:26.030

Modified: 2024-05-21T16:54:26.047

Link: CVE-2021-47405

Redhat

Severity : Low

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2021-47405 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object