CVE-2021-47442 : In the Linux kernel, the following vulnerability has been resolved: NFC: digita

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digital_in_send_sdd_req() 'skb' is allocated in digital_in_send_sdd_req(), but not free when digital_in_send_cmd() failed, which will cause memory leak. Fix it by freeing 'skb' if digital_in_send_cmd() return failed.

Published 2024-05-22 06:19:36

Updated 2025-01-07 20:14:00

Source Linux

View at NVD, CVE.org

Products affected by CVE-2021-47442

Linux » Linux Kernel
Versions from including (>=) 3.13 and before (<) 4.4.290
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.10 and before (<) 4.14.252
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.5 and before (<) 5.10.75
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.15 and before (<) 4.19.213
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.20 and before (<) 5.4.155
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 5.11 and before (<) 5.14.14
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel
Versions from including (>=) 4.5 and before (<) 4.9.288
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC1
cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC2
cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC3
cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC4
cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*
Matching versions
Linux » Linux Kernel » Version: 5.15 Update RC5
cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-47442

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 12 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-47442

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	1.8	3.6	NIST	2025-01-07
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-47442

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2021-47442

https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch
https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db

NFC: digital: fix possible memory leak in digital_in_send_sdd_req() - kernel/git/stable/linux.git - Linux kernel stable tree
Patch

Jump to

Vulnerability Details : CVE-2021-47442

Products affected by CVE-2021-47442

Exploit prediction scoring system (EPSS) score for CVE-2021-47442

CVSS scores for CVE-2021-47442

CWE ids for CVE-2021-47442

References for CVE-2021-47442