In the Linux kernel, a vulnerability involving memory leak has been resolved. The issue occurs in the NFC (Near Field Communication) device's probe and removal functions, specifically in the st21nfca memory allocation. The vulnerability is assigned the identifier CVE-2021-46924.
The 'phy->pending_skb' object is allocated memory when the device probe occurs, but there was no corresponding free memory allocation in the error handling path and removal path. As a result, this led to a memory leak, as demonstrated in the following output:
unreferenced object xffff88800bc06800 (size 512):
comm "8", pid 11775, jiffies 4295159829 (age 9.032s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000d66c09ce>] __kmalloc_node_track_caller+x1ed/x450
[<00000000c93382b3>] kmalloc_reserve+x37/xd
[<000000005fea522c>] __alloc_skb+x124/x380
[<0000000019f29f9a>] st21nfca_hci_i2c_probe+x170/x8f2
To fix this memory leak, developers must free the 'pending_skb' object in both the error handling and removal path sections. This will ensure proper memory management and prevent memory leaks that could cause performance issues and, in some cases, lead to potential security risks.
For more information on this vulnerability, refer to the following resources
1. Linux Kernel Git Repository: st21nfca: Fix memory leak in device probe and remove
2. CVE Details: CVE-2021-46924
3. National Vulnerability Database: CVE-2021-46924 Detail
To implement this fix in a Linux kernel build, ensure that the latest version of the kernel has been applied. If using a distribution-provided version of the kernel, ensure that your distribution has patched this vulnerability and apply the provided kernel update. This will protect your system from potential exploitation and ensure proper memory management within the Linux kernel NFC subsystem.
Timeline
Published on: 02/27/2024 10:15:07 UTC
Last modified on: 04/10/2024 15:23:33 UTC