Vulnerability-Lookup

BDU:2025-03659

Vulnerability from fstec - Published: 13.10.2021

Title

Уязвимость функции digital_in_send_sdd_req() модуля net/nfc/digital_technology.c подсистемы NFC ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании.

Description

Уязвимость функции digital_in_send_sdd_req() модуля net/nfc/digital_technology.c подсистемы NFC ядра операционной системы Linux связана с неправильным освобождением памяти перед удалением последней ссылки («утечка памяти»). Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании.

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Canonical Ltd., Сообщество свободного программного обеспечения

Software Name

Ubuntu, Debian GNU/Linux, Linux

Software Version

14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), от 4.20 до 5.4.154 включительно (Linux), от 5.5 до 5.10.74 включительно (Linux), от 5.11 до 5.14.13 включительно (Linux), от 4.15 до 4.19.212 включительно (Linux), от 4.5 до 4.9.287 включительно (Linux), от 3.13 до 4.4.289 включительно (Linux), от 4.10 до 4.14.251 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86 https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212 https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329 https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9 https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873 https://lore.kernel.org/linux-cve-announce/2024052240-CVE-2021-47442-5dcb@gregkh/ https://git.kernel.org/linus/291c932fc3692e4d211a445ba8aa35663831bac7 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.290 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.288 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.252 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.155 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.14 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2021-47442 Для Ubuntu: https://ubuntu.com/security/CVE-2021-47442

Reference

https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86 https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212 https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329 https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9 https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873 https://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1&id=50cb95487c265187289810addec5093d4fed8329 https://www.cve.org/CVERecord?id=CVE-2021-47442 https://lore.kernel.org/linux-cve-announce/2024052240-CVE-2021-47442-5dcb@gregkh/ https://git.kernel.org/linus/291c932fc3692e4d211a445ba8aa35663831bac7 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.290 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.288 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.252 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.155 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.14 https://security-tracker.debian.org/tracker/CVE-2021-47442 https://ubuntu.com/security/CVE-2021-47442

CWE

CWE-401

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.154 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.74 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.14.13 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.212 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.5 \u0434\u043e 4.9.287 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 3.13 \u0434\u043e 4.4.289 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.10 \u0434\u043e 4.14.251 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86\nhttps://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212\nhttps://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329\nhttps://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9\nhttps://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db\nhttps://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a\nhttps://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873\nhttps://lore.kernel.org/linux-cve-announce/2024052240-CVE-2021-47442-5dcb@gregkh/\nhttps://git.kernel.org/linus/291c932fc3692e4d211a445ba8aa35663831bac7\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.290\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.288\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.252\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.155\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.14\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2021-47442\n\n\u0414\u043b\u044f Ubuntu:\nhttps://ubuntu.com/security/CVE-2021-47442",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.10.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "01.04.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "01.04.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-03659",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2021-47442",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 14.04 LTS , Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 20.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.154 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.74 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.14.13 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.212 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.5 \u0434\u043e 4.9.287 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 3.13 \u0434\u043e 4.4.289 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.10 \u0434\u043e 4.14.251 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 digital_in_send_sdd_req() \u043c\u043e\u0434\u0443\u043b\u044f net/nfc/digital_technology.c \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b NFC \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 digital_in_send_sdd_req() \u043c\u043e\u0434\u0443\u043b\u044f net/nfc/digital_technology.c \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b NFC \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86\nhttps://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212\nhttps://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329\nhttps://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9\nhttps://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db\nhttps://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a\nhttps://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873\nhttps://git.linuxtesting.ru/pub/scm/linux/kernel/git/lvc/linux-stable.git/commit/?h=v5.10.176-lvc1\u0026id=50cb95487c265187289810addec5093d4fed8329\nhttps://www.cve.org/CVERecord?id=CVE-2021-47442\nhttps://lore.kernel.org/linux-cve-announce/2024052240-CVE-2021-47442-5dcb@gregkh/\nhttps://git.kernel.org/linus/291c932fc3692e4d211a445ba8aa35663831bac7\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.290\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.288\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.252\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.213\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.155\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.14\nhttps://security-tracker.debian.org/tracker/CVE-2021-47442\nhttps://ubuntu.com/security/CVE-2021-47442",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-401",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CVE-2021-47442 (GCVE-0-2021-47442)

Vulnerability from cvelistv5 – Published: 2024-05-22 06:19 – Updated: 2025-05-04 07:10

Title

NFC: digital: fix possible memory leak in digital_in_send_sdd_req()

Summary

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digital_in_send_sdd_req() 'skb' is allocated in digital_in_send_sdd_req(), but not free when digital_in_send_cmd() failed, which will cause memory leak. Fix it by freeing 'skb' if digital_in_send_cmd() return failed.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/74569c78aa84f8c95…
	https://git.kernel.org/stable/c/88c890b0b9a1fb9fc…
	https://git.kernel.org/stable/c/fcce6e5255474ca33…
	https://git.kernel.org/stable/c/071bdef36391958c8…
	https://git.kernel.org/stable/c/2bde4aca56db9fe25…
	https://git.kernel.org/stable/c/50cb95487c2651872…
	https://git.kernel.org/stable/c/6432d7f1d1c3aa74c…
	https://git.kernel.org/stable/c/291c932fc3692e4d2…

Impacted products

Vendor

Product

Version

Linux

Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < 74569c78aa84f8c958f1334b465bc530906ec99a (git)
Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < 88c890b0b9a1fb9fcd01c61ada515e8b636c34f9 (git)
Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < fcce6e5255474ca33c27dda0cdf9bf5087278873 (git)
Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < 071bdef36391958c89af5fa2172f691b31baa212 (git)
Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < 2bde4aca56db9fe25405d39ddb062531493a65db (git)
Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < 50cb95487c265187289810addec5093d4fed8329 (git)
Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < 6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86 (git)
Affected: 2c66daecc4092e6049673c281b2e6f0d5e59a94c , < 291c932fc3692e4d211a445ba8aa35663831bac7 (git)

Linux

Affected: 3.13
Unaffected: 0 , < 3.13 (semver)
Unaffected: 4.4.290 , ≤ 4.4.* (semver)
Unaffected: 4.9.288 , ≤ 4.9.* (semver)
Unaffected: 4.14.252 , ≤ 4.14.* (semver)
Unaffected: 4.19.213 , ≤ 4.19.* (semver)
Unaffected: 5.4.155 , ≤ 5.4.* (semver)
Unaffected: 5.10.75 , ≤ 5.10.* (semver)
Unaffected: 5.14.14 , ≤ 5.14.* (semver)
Unaffected: 5.15 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47442",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-22T18:47:55.982704Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:27.486Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:39:59.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/digital_technology.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "74569c78aa84f8c958f1334b465bc530906ec99a",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            },
            {
              "lessThan": "88c890b0b9a1fb9fcd01c61ada515e8b636c34f9",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            },
            {
              "lessThan": "fcce6e5255474ca33c27dda0cdf9bf5087278873",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            },
            {
              "lessThan": "071bdef36391958c89af5fa2172f691b31baa212",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            },
            {
              "lessThan": "2bde4aca56db9fe25405d39ddb062531493a65db",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            },
            {
              "lessThan": "50cb95487c265187289810addec5093d4fed8329",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            },
            {
              "lessThan": "6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            },
            {
              "lessThan": "291c932fc3692e4d211a445ba8aa35663831bac7",
              "status": "affected",
              "version": "2c66daecc4092e6049673c281b2e6f0d5e59a94c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "net/nfc/digital_technology.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.13"
            },
            {
              "lessThan": "3.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.290",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.288",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.213",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.155",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.14.*",
              "status": "unaffected",
              "version": "5.14.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.15",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.290",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.288",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.252",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.213",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.155",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.75",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14.14",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15",
                  "versionStartIncluding": "3.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFC: digital: fix possible memory leak in digital_in_send_sdd_req()\n\n\u0027skb\u0027 is allocated in digital_in_send_sdd_req(), but not free when\ndigital_in_send_cmd() failed, which will cause memory leak. Fix it\nby freeing \u0027skb\u0027 if digital_in_send_cmd() return failed."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T07:10:57.734Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/74569c78aa84f8c958f1334b465bc530906ec99a"
        },
        {
          "url": "https://git.kernel.org/stable/c/88c890b0b9a1fb9fcd01c61ada515e8b636c34f9"
        },
        {
          "url": "https://git.kernel.org/stable/c/fcce6e5255474ca33c27dda0cdf9bf5087278873"
        },
        {
          "url": "https://git.kernel.org/stable/c/071bdef36391958c89af5fa2172f691b31baa212"
        },
        {
          "url": "https://git.kernel.org/stable/c/2bde4aca56db9fe25405d39ddb062531493a65db"
        },
        {
          "url": "https://git.kernel.org/stable/c/50cb95487c265187289810addec5093d4fed8329"
        },
        {
          "url": "https://git.kernel.org/stable/c/6432d7f1d1c3aa74cfe8f5e3afdf81b786c32e86"
        },
        {
          "url": "https://git.kernel.org/stable/c/291c932fc3692e4d211a445ba8aa35663831bac7"
        }
      ],
      "title": "NFC: digital: fix possible memory leak in digital_in_send_sdd_req()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47442",
    "datePublished": "2024-05-22T06:19:36.228Z",
    "dateReserved": "2024-05-21T14:58:30.831Z",
    "dateUpdated": "2025-05-04T07:10:57.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2025-03659

CVE-2021-47442 (GCVE-0-2021-47442)

Tags

Sightings

Nomenclature