CVE-2021-47329

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix resource leak in case of probe failure The driver doesn't clean up all the allocated resources properly when scsi_add_host(), megasas_start_aen() function fails during the PCI device probe. Clean up all those resources.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/04b6b9ea80906e3b41ff120b45db31768947cf72
https://git.kernel.org/stable/c/0680db6f41920b2c91c7df3cc9cd5968701a6f74
https://git.kernel.org/stable/c/0c6226601c3e191a44a57d8f9f814b7e5c308959
https://git.kernel.org/stable/c/b5438f48fdd8e1c3f130d32637511efd32038152
https://git.kernel.org/stable/c/e623f79691c5104317669ab36ec316a90c05062f

Configurations

No configuration.

History

No history.

Information

Published : 2024-05-21 15:15

Updated : 2024-07-03 01:37

NVD link : CVE-2021-47329

Mitre link : CVE-2021-47329

CVE.ORG link : CVE-2021-47329

JSON object : View

Products Affected

No product.

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2021-47329", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2024-05-21T15:15:19.910", "references": [{"url": "https://git.kernel.org/stable/c/04b6b9ea80906e3b41ff120b45db31768947cf72", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0680db6f41920b2c91c7df3cc9cd5968701a6f74", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/0c6226601c3e191a44a57d8f9f814b7e5c308959", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b5438f48fdd8e1c3f130d32637511efd32038152", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e623f79691c5104317669ab36ec316a90c05062f", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: megaraid_sas: Fix resource leak in case of probe failure\n\nThe driver doesn't clean up all the allocated resources properly when\nscsi_add_host(), megasas_start_aen() function fails during the PCI device\nprobe.\n\nClean up all those resources."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: scsi: megaraid_sas: corrige la fuga de recursos en caso de fallo de la sonda El controlador no limpia todos los recursos asignados correctamente cuando la funci\u00f3n scsi_add_host(), megasas_start_aen() falla durante el dispositivo PCI Investigacion. Limpia todos esos recursos."}], "lastModified": "2024-07-03T01:37:40.793", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}