CVE-2021-46985

Summary

In the Linux kernel, the following vulnerability has been resolved:

ACPI: scan: Fix a memory leak in an error handling path

If 'acpi_device_set_name()' fails, we must free 'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe5cdbe419004e172f642e876a671a9ff1c52f8bb < 6901a4f795e0e8d65ae779cb37fc22e0bf294712affected
LinuxLinux717d9d88fbd956ab03fad97266f6ce63a036e7f8 < 5ab9857dde7c3ea3faef6b128d718cf8ba98721baffected
LinuxLinux7385e438e1f31af5b86f72fd19b0dcd2738502c9 < 69cc821e89ce572884548ac54c4f80eec7a837a5affected
LinuxLinuxbc0b1a2036dd8072106ec81a8685ecb901f72ed6 < dafd4c0b5e835db020cff11c74b4af9493a58e72affected
LinuxLinux4a5891992c680d69d7e490e4d0428d17779d8e85 < e2381174daeae0ca35eddffef02dcc8de8c1ef8aaffected
LinuxLinux321dbe6c0b551f9f8030becc6900f77cf9bbb9ad < c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fbaffected
LinuxLinuxeb50aaf960e3bedfef79063411ffd670da94b84b < a7e17a8d421ae23c920240625b4413c7b94d94a4affected
LinuxLinuxeb50aaf960e3bedfef79063411ffd670da94b84b < 0c8bd174f0fc131bc9dfab35cd8784f59045da87affected
LinuxLinux4.9.264 < 4.9.269affected
LinuxLinux4.14.228 < 4.14.233affected
LinuxLinux4.19.184 < 4.19.191affected
LinuxLinux5.4.109 < 5.4.120affected
LinuxLinux5.10.27 < 5.10.38affected
LinuxLinux5.11.11 < 5.11.22affected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux4.9.269 <= 4.9.*unaffected
LinuxLinux4.14.233 <= 4.14.*unaffected
LinuxLinux4.19.191 <= 4.19.*unaffected
LinuxLinux5.4.120 <= 5.4.*unaffected
LinuxLinux5.10.38 <= 5.10.*unaffected
LinuxLinux5.11.22 <= 5.11.*unaffected
LinuxLinux5.12.5 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References