vulnerability

Ubuntu: USN-6976-1 (CVE-2021-46924): Linux kernel vulnerabilities

Try Surface Command
Back to search
Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
Feb 27, 2024
Added
Nov 19, 2024
Modified
Aug 18, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

NFC: st21nfca: Fix memory leak in device probe and remove

'phy->pending_skb' is alloced when device probe, but forgot to free
in the error handling path and remove path, this cause memory leak
as follows:

unreferenced object 0xffff88800bc06800 (size 512):
comm "8", pid 11775, jiffies 4295159829 (age 9.032s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000d66c09ce>] __kmalloc_node_track_caller+0x1ed/0x450
[<00000000c93382b3>] kmalloc_reserve+0x37/0xd0
[<000000005fea522c>] __alloc_skb+0x124/0x380
[<0000000019f29f9a>] st21nfca_hci_i2c_probe+0x170/0x8f2

Fix it by freeing 'pending_skb' in error and remove.

Solutions

ubuntu-upgrade-linux-image-4-4-0-1135-awsubuntu-upgrade-linux-image-4-4-0-1136-kvmubuntu-upgrade-linux-image-4-4-0-1173-awsubuntu-upgrade-linux-image-4-4-0-258-genericubuntu-upgrade-linux-image-4-4-0-258-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-lts-xenialubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-lts-xenialubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-lts-xenial

References

    Title
    NEW

    Explore Exposure Command

    Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

    Try it today