{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47499", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-22T06:20:56.204Z", "datePublished": "2024-05-24T15:01:42.684Z", "dateUpdated": "2024-09-11T17:33:23.165Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:09:01.337Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: kxcjk-1013: Fix possible memory leak in probe and remove\n\nWhen ACPI type is ACPI_SMO8500, the data->dready_trig will not be set, the\nmemory allocated by iio_triggered_buffer_setup() will not be freed, and cause\nmemory leak as follows:\n\nunreferenced object 0xffff888009551400 (size 512):\n comm \"i2c-SMO8500-125\", pid 911, jiffies 4294911787 (age 83.852s)\n hex dump (first 32 bytes):\n 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 20 e2 e5 c0 ff ff ff ff ........ .......\n backtrace:\n [<0000000041ce75ee>] kmem_cache_alloc_trace+0x16d/0x360\n [<000000000aeb17b0>] iio_kfifo_allocate+0x41/0x130 [kfifo_buf]\n [<000000004b40c1f5>] iio_triggered_buffer_setup_ext+0x2c/0x210 [industrialio_triggered_buffer]\n [<000000004375b15f>] kxcjk1013_probe+0x10c3/0x1d81 [kxcjk_1013]\n\nFix it by remove data->dready_trig condition in probe and remove."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/accel/kxcjk-1013.c"], "versions": [{"version": "a25691c1f967", "lessThan": "8c1d43f3a3fc", "status": "affected", "versionType": "git"}, {"version": "a25691c1f967", "lessThan": "60a55b9d91ba", "status": "affected", "versionType": "git"}, {"version": "a25691c1f967", "lessThan": "3899700ddacb", "status": "affected", "versionType": "git"}, {"version": "a25691c1f967", "lessThan": "a3730f74159a", "status": "affected", "versionType": "git"}, {"version": "a25691c1f967", "lessThan": "8c163a142771", "status": "affected", "versionType": "git"}, {"version": "a25691c1f967", "lessThan": "ee86d0bad80b", "status": "affected", "versionType": "git"}, {"version": "a25691c1f967", "lessThan": "14508fe13b1c", "status": "affected", "versionType": "git"}, {"version": "a25691c1f967", "lessThan": "70c9774e180d", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/accel/kxcjk-1013.c"], "versions": [{"version": "4.2", "status": "affected"}, {"version": "0", "lessThan": "4.2", "status": "unaffected", "versionType": "custom"}, {"version": "4.4.295", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.9.293", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.14.258", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "custom"}, {"version": "4.19.221", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.4.165", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.10.85", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.15.8", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "custom"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/8c1d43f3a3fc7184c42d7398bdf59a2a2903e4fc"}, {"url": "https://git.kernel.org/stable/c/60a55b9d91ba99eb8cf015bc46dc2de05e168a15"}, {"url": "https://git.kernel.org/stable/c/3899700ddacbf7aaafadf44464fff3ff0d4e3307"}, {"url": "https://git.kernel.org/stable/c/a3730f74159ad00a28960c0efe2a931fe6fe6b45"}, {"url": "https://git.kernel.org/stable/c/8c163a14277115ca962103910ab4cce55e862ffb"}, {"url": "https://git.kernel.org/stable/c/ee86d0bad80bdcd11a87e188a596727f41b62320"}, {"url": "https://git.kernel.org/stable/c/14508fe13b1c578b3d2ba574f1d48b351975860c"}, {"url": "https://git.kernel.org/stable/c/70c9774e180d151abaab358108e3510a8e615215"}], "title": "iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove", "x_generator": {"engine": "bippy-a5840b7849dd"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.597Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8c1d43f3a3fc7184c42d7398bdf59a2a2903e4fc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/60a55b9d91ba99eb8cf015bc46dc2de05e168a15", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3899700ddacbf7aaafadf44464fff3ff0d4e3307", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a3730f74159ad00a28960c0efe2a931fe6fe6b45", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8c163a14277115ca962103910ab4cce55e862ffb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ee86d0bad80bdcd11a87e188a596727f41b62320", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/14508fe13b1c578b3d2ba574f1d48b351975860c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/70c9774e180d151abaab358108e3510a8e615215", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47499", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:35:49.142206Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:23.165Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/8c1d43f3a3fc7184c42d7398bdf59a2a2903e4fc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/60a55b9d91ba99eb8cf015bc46dc2de05e168a15", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/3899700ddacbf7aaafadf44464fff3ff0d4e3307", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a3730f74159ad00a28960c0efe2a931fe6fe6b45", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8c163a14277115ca962103910ab4cce55e862ffb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ee86d0bad80bdcd11a87e188a596727f41b62320", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/14508fe13b1c578b3d2ba574f1d48b351975860c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/70c9774e180d151abaab358108e3510a8e615215", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.597Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47499", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:35:49.142206Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:16.438Z"}}], "cna": {"title": "iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "a25691c1f967", "lessThan": "8c1d43f3a3fc", "versionType": "git"}, {"status": "affected", "version": "a25691c1f967", "lessThan": "60a55b9d91ba", "versionType": "git"}, {"status": "affected", "version": "a25691c1f967", "lessThan": "3899700ddacb", "versionType": "git"}, {"status": "affected", "version": "a25691c1f967", "lessThan": "a3730f74159a", "versionType": "git"}, {"status": "affected", "version": "a25691c1f967", "lessThan": "8c163a142771", "versionType": "git"}, {"status": "affected", "version": "a25691c1f967", "lessThan": "ee86d0bad80b", "versionType": "git"}, {"status": "affected", "version": "a25691c1f967", "lessThan": "14508fe13b1c", "versionType": "git"}, {"status": "affected", "version": "a25691c1f967", "lessThan": "70c9774e180d", "versionType": "git"}], "programFiles": ["drivers/iio/accel/kxcjk-1013.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.2"}, {"status": "unaffected", "version": "0", "lessThan": "4.2", "versionType": "custom"}, {"status": "unaffected", "version": "4.4.295", "versionType": "custom", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.293", "versionType": "custom", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.258", "versionType": "custom", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.221", "versionType": "custom", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.165", "versionType": "custom", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.85", "versionType": "custom", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.8", "versionType": "custom", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/iio/accel/kxcjk-1013.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/8c1d43f3a3fc7184c42d7398bdf59a2a2903e4fc"}, {"url": "https://git.kernel.org/stable/c/60a55b9d91ba99eb8cf015bc46dc2de05e168a15"}, {"url": "https://git.kernel.org/stable/c/3899700ddacbf7aaafadf44464fff3ff0d4e3307"}, {"url": "https://git.kernel.org/stable/c/a3730f74159ad00a28960c0efe2a931fe6fe6b45"}, {"url": "https://git.kernel.org/stable/c/8c163a14277115ca962103910ab4cce55e862ffb"}, {"url": "https://git.kernel.org/stable/c/ee86d0bad80bdcd11a87e188a596727f41b62320"}, {"url": "https://git.kernel.org/stable/c/14508fe13b1c578b3d2ba574f1d48b351975860c"}, {"url": "https://git.kernel.org/stable/c/70c9774e180d151abaab358108e3510a8e615215"}], "x_generator": {"engine": "bippy-a5840b7849dd"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: kxcjk-1013: Fix possible memory leak in probe and remove\n\nWhen ACPI type is ACPI_SMO8500, the data->dready_trig will not be set, the\nmemory allocated by iio_triggered_buffer_setup() will not be freed, and cause\nmemory leak as follows:\n\nunreferenced object 0xffff888009551400 (size 512):\n comm \"i2c-SMO8500-125\", pid 911, jiffies 4294911787 (age 83.852s)\n hex dump (first 32 bytes):\n 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 20 e2 e5 c0 ff ff ff ff ........ .......\n backtrace:\n [<0000000041ce75ee>] kmem_cache_alloc_trace+0x16d/0x360\n [<000000000aeb17b0>] iio_kfifo_allocate+0x41/0x130 [kfifo_buf]\n [<000000004b40c1f5>] iio_triggered_buffer_setup_ext+0x2c/0x210 [industrialio_triggered_buffer]\n [<000000004375b15f>] kxcjk1013_probe+0x10c3/0x1d81 [kxcjk_1013]\n\nFix it by remove data->dready_trig condition in probe and remove."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-05-29T05:09:01.337Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47499", "state": "PUBLISHED", "dateUpdated": "2024-09-11T17:33:23.165Z", "dateReserved": "2024-05-22T06:20:56.204Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-24T15:01:42.684Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: accel: kxcjk-1013: Fix possible memory leak in probe and remove\n\nWhen ACPI type is ACPI_SMO8500, the data->dready_trig will not be set, the\nmemory allocated by iio_triggered_buffer_setup() will not be freed, and cause\nmemory leak as follows:\n\nunreferenced object 0xffff888009551400 (size 512):\n comm \"i2c-SMO8500-125\", pid 911, jiffies 4294911787 (age 83.852s)\n hex dump (first 32 bytes):\n 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 20 e2 e5 c0 ff ff ff ff ........ .......\n backtrace:\n [<0000000041ce75ee>] kmem_cache_alloc_trace+0x16d/0x360\n [<000000000aeb17b0>] iio_kfifo_allocate+0x41/0x130 [kfifo_buf]\n [<000000004b40c1f5>] iio_triggered_buffer_setup_ext+0x2c/0x210 [industrialio_triggered_buffer]\n [<000000004375b15f>] kxcjk1013_probe+0x10c3/0x1d81 [kxcjk_1013]\n\nFix it by remove data->dready_trig condition in probe and remove."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: iio: accel: kxcjk-1013: corrija la posible p\u00e9rdida de memoria en la sonda y elim\u00ednela. Cuando el tipo ACPI es ACPI_SMO8500, data-&gt;dready_trig no se configurar\u00e1, la memoria asignada por iio_triggered_buffer_setup( ) no se liberar\u00e1 y provocar\u00e1 una p\u00e9rdida de memoria de la siguiente manera: objeto sin referencia 0xffff888009551400 (tama\u00f1o 512): comm \"i2c-SMO8500-125\", pid 911, jiffies 4294911787 (edad 83,852 s) volcado hexadecimal (primeros 32 bytes): 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 20 e2 e5 c0 ff ff ff ff .... .... ....... retroceso: [&lt;0000000041ce75ee&gt;] kmem_cache_alloc_trace+0x16d/0x360 [&lt;000000000aeb17b0&gt;] iio_kfifo_allocate+0x41/0x130 [kfifo_buf] [&lt;000000004b40c1f5&gt;] ed_buffer_setup_ext+0x2c/0x210 [industrialio_triggered_buffer] [ &lt;000000004375b15f&gt;] kxcjk1013_probe+0x10c3/0x1d81 [kxcjk_1013] Solucionarlo eliminando la condici\u00f3n data-&gt;dready_trig en la sonda y elimin\u00e1ndola."}], "id": "CVE-2021-47499", "lastModified": "2024-05-24T18:09:20.027", "metrics": {}, "published": "2024-05-24T15:15:09.607", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/14508fe13b1c578b3d2ba574f1d48b351975860c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/3899700ddacbf7aaafadf44464fff3ff0d4e3307"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/60a55b9d91ba99eb8cf015bc46dc2de05e168a15"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/70c9774e180d151abaab358108e3510a8e615215"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8c163a14277115ca962103910ab4cce55e862ffb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8c1d43f3a3fc7184c42d7398bdf59a2a2903e4fc"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/a3730f74159ad00a28960c0efe2a931fe6fe6b45"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ee86d0bad80bdcd11a87e188a596727f41b62320"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove", "id": "2283455", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283455"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", "status": "draft"}, "cwe": "CWE-401", "details": ["In the Linux kernel, the following vulnerability has been resolved:\niio: accel: kxcjk-1013: Fix possible memory leak in probe and remove\nWhen ACPI type is ACPI_SMO8500, the data->dready_trig will not be set, the\nmemory allocated by iio_triggered_buffer_setup() will not be freed, and cause\nmemory leak as follows:\nunreferenced object 0xffff888009551400 (size 512):\ncomm \"i2c-SMO8500-125\", pid 911, jiffies 4294911787 (age 83.852s)\nhex dump (first 32 bytes):\n02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 20 e2 e5 c0 ff ff ff ff ........ .......\nbacktrace:\n[<0000000041ce75ee>] kmem_cache_alloc_trace+0x16d/0x360\n[<000000000aeb17b0>] iio_kfifo_allocate+0x41/0x130 [kfifo_buf]\n[<000000004b40c1f5>] iio_triggered_buffer_setup_ext+0x2c/0x210 [industrialio_triggered_buffer]\n[<000000004375b15f>] kxcjk1013_probe+0x10c3/0x1d81 [kxcjk_1013]\nFix it by remove data->dready_trig condition in probe and remove."], "name": "CVE-2021-47499", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47499\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47499"], "threat_severity": "Low", "upstream_fix": "kernel 4.4.295, kernel 4.9.293, kernel 4.14.258, kernel 4.19.221, kernel 5.4.165, kernel 5.10.85, kernel 5.15.8, kernel 5.16"}