CVE-2021-46985

MEDIUM

Linux Kernel < 4.9.269 - Memory Leak

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpi_device_set_name()' fails, we must free 'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.

References (8)

[Patch] https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87

[Patch] https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b

[Patch] https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712

[Patch] https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5

[Patch] https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4

[Patch] https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb

[Patch] https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72

[Patch] https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a

Scores

CVSS v3 5.5

EPSS 0.0003

EPSS Percentile 8.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (2)

linux/linux_kernel < 4.9.269

linux/linux_kernel

Timeline

Published Feb 28, 2024

Tracked Since Feb 18, 2026