In the Linux kernel, the following vulnerability has been resolved:
phy: mdio: fix memory leak
Syzbot reported memory leak in MDIO bus interface, the problem was in
wrong state logic.
MDIOBUS_ALLOCATED indicates 2 states:
1. Bus is only allocated
2. Bus allocated and __mdiobus_register() fails, but
device_register() was called
In case of device_register() has been called we should call put_device()
to correctly free the memory allocated for this device, but mdiobus_free()
calls just kfree(dev) in case of MDIOBUS_ALLOCATED state
To avoid this behaviour we need to set bus->state to MDIOBUS_UNREGISTERED
_before_ calling device_register(), because put_device() should be
called even in case of device_register() failure.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-21T15:04:06.042Z
Updated: 2024-08-04T05:39:59.091Z
Reserved: 2024-05-21T14:58:30.818Z
Link: CVE-2021-47416
Vulnrichment
Updated: 2024-08-04T05:39:59.091Z
NVD
Status : Awaiting Analysis
Published: 2024-05-21T15:15:27.083
Modified: 2024-05-21T16:53:56.550
Link: CVE-2021-47416
Redhat