Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-47671

Опубликовано: 17 апр. 2025
Источник: nvd
CVSS3: 3.3
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved:

can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path

In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb previously allocated by alloc_can_err_skb() is not freed. In other terms, this is a memory leak.

This patch simply removes the return statement in the error branch and let the function continue.

Issue was found with GCC -fanalyzer, please follow the link below for details.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.13 (включая) до 5.14.19 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 5.15 (включая) до 5.15.3 (исключая)

EPSS

Процентиль: 4%
0.0002
Низкий

3.3 Low

CVSS3

Дефекты

CWE-401

Связанные уязвимости

ubuntu логотип

CVE-2021-47671

CVSS3: 3.3
ubuntu
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb previously allocated by alloc_can_err_skb() is not freed. In other terms, this is a memory leak. This patch simply removes the return statement in the error branch and let the function continue. Issue was found with GCC -fanalyzer, please follow the link below for details.

redhat логотип

CVE-2021-47671

CVSS3: 5.5
redhat
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb previously allocated by alloc_can_err_skb() is not freed. In other terms, this is a memory leak. This patch simply removes the return statement in the error branch and let the function continue. Issue was found with GCC -fanalyzer, please follow the link below for details.

debian логотип

CVE-2021-47671

CVSS3: 3.3
debian
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: c ...

github логотип

GHSA-fgr8-gcxj-6pq5

CVSS3: 3.3
github
10 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: es58x_rx_err_msg(): fix memory leak in error path In es58x_rx_err_msg(), if can->do_set_mode() fails, the function directly returns without calling netif_rx(skb). This means that the skb previously allocated by alloc_can_err_skb() is not freed. In other terms, this is a memory leak. This patch simply removes the return statement in the error branch and let the function continue. Issue was found with GCC -fanalyzer, please follow the link below for details.

suse-cvrf логотип

SUSE-SU-2025:01627-1

suse-cvrf
9 месяцев назад

Security update for the Linux Kernel

EPSS

Процентиль: 4%
0.0002
Низкий

3.3 Low

CVSS3

Дефекты

CWE-401