CVE-2021-47171

Description

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind Syzbot reported memory leak in smsc75xx_bind(). The problem was is non-freed memory in case of errors after memory allocation. backtrace: [<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline] [<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline] [<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460 [<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://errata.rockylinux.org/RLSA-2024:3627
• https://errata.rockylinux.org/RLSA-2024:3618
• https://www.suse.com/security/cve/CVE-2021-47171.html
• https://security-tracker.debian.org/tracker/CVE-2021-47171
• https://access.redhat.com/errata/RHSA-2024:3618
• https://bugzilla.redhat.com/2250843
• https://bugzilla.redhat.com/2257406
• https://bugzilla.redhat.com/2263875
• https://bugzilla.redhat.com/2265271
• https://bugzilla.redhat.com/2265646
• https://bugzilla.redhat.com/2265654
• https://bugzilla.redhat.com/2265833
• https://bugzilla.redhat.com/2266296
• https://bugzilla.redhat.com/2266446
• https://bugzilla.redhat.com/2266746
• https://bugzilla.redhat.com/2266841
• https://bugzilla.redhat.com/2267038
• https://bugzilla.redhat.com/2267185
• https://bugzilla.redhat.com/2267355
• https://bugzilla.redhat.com/2267509
• https://bugzilla.redhat.com/2267705
• https://bugzilla.redhat.com/2267724
• https://bugzilla.redhat.com/2267758
• https://bugzilla.redhat.com/2267789
• https://bugzilla.redhat.com/2267797

💬 Discuss CVE-2021-47171 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.