SB20240530117 - Memory leak in Linux kernel nfc
Published: May 30, 2024 Updated: May 14, 2025
Security Bulletin ID
SB20240530117
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2021-47180)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the EXPORT_SYMBOL() function in net/nfc/nci/core.c, within the nci_core_conn_create() and nci_hci_allocate() functions in include/net/nfc/nci_core.h. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/448a1cb12977f52142e6feb12022c59662d88dc1
- https://git.kernel.org/stable/c/4a621621c7af3cec21c47c349b30cd9c3cea11c8
- https://git.kernel.org/stable/c/2c2fb2df46ea866b49fea5ec7112ec3cd4896c74
- https://git.kernel.org/stable/c/0365701bc44e078682ee1224866a71897495c7ef
- https://git.kernel.org/stable/c/af2a4426baf71163c0c354580ae98c7888a9aba7
- https://git.kernel.org/stable/c/b34cb7ac32cc8e5471dc773180ea9ae676b1a745
- https://git.kernel.org/stable/c/65234f50a90b64b335cbb9164b8a98c2a0d031dd
- https://git.kernel.org/stable/c/e0652f8bb44d6294eeeac06d703185357f25d50b
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.235
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.193
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.271
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.271
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.41
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.123