| CVE-2021-47416 is a memory leak in the MDIO bus interface of the Linux kernel. It stems from incorrect state logic: the `MDIOBUS_ALLOCATED` state can indicate two different conditions, either that the bus has only been allocated, or that the bus has been allocated and `__mdiobus_register()` failed after `device_register()` had already been called. |
| |
| In the latter case, the memory allocated for the device must be released with `put_device()`, but `mdiobus_free()` calls only `kfree(dev)` when the bus is in the `MDIOBUS_ALLOCATED` state, so that memory leaks. The fix is to set `bus->state` to `MDIOBUS_UNREGISTERED` before calling `device_register()`, which ensures that `put_device()` is called even if `device_register()` fails. |
| |
| This vulnerability was introduced in kernel version 2.6.28 and has been fixed in various kernel versions, including 4.4.289, 4.9.287, 4.14.251, 4.19.211, 5.4.153, 5.10.73, 5.14.12, and 5.15. The affected file is `drivers/net/phy/mdio_bus.c`. |
| |
| The Linux kernel CVE team recommends updating to the latest stable kernel version, which fixes this issue along with many other bugs. If updating is not possible, individual changes can be applied from the commits listed in the mitigation section. |
| |
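The state logic described above can be reproduced in a small userspace model. This is an added example, not kernel code and not taken from the fix commit: the `model_*` names, the allocation counter and the 32-byte "device-owned" allocation are assumptions standing in for `device_register()`, `put_device()` and `mdiobus_free()`.

```c
#include <stdio.h>
#include <stdlib.h>

enum bus_state { MDIOBUS_ALLOCATED, MDIOBUS_UNREGISTERED };
struct model_bus {
    enum bus_state state;
    void *dev_private; /* stands in for memory tied to the device after registration */
};
static int live_allocs; /* allocations not yet released (model bookkeeping) */

static void *model_alloc(size_t n) {
    void *p = calloc(1, n);
    if (p) live_allocs++;
    return p;
}
static void model_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Models a device_register() call that fails after taking device-owned memory. */
static int model_device_register(struct model_bus *bus) {
    bus->dev_private = model_alloc(32);
    return -1;
}
/* Models put_device() dropping the last reference: everything is released. */
static void model_put_device(struct model_bus *bus) {
    model_free(bus->dev_private);
    model_free(bus);
}
/* Models mdiobus_free(): plain kfree for ALLOCATED, put_device otherwise. */
static void model_mdiobus_free(struct model_bus *bus) {
    if (bus->state == MDIOBUS_ALLOCATED)
        model_free(bus); /* dev_private is not released on this path */
    else
        model_put_device(bus);
}
/* alloc -> failed register -> free; returns the number of allocations left behind. */
int leaked_after_failed_register(int fixed) {
    live_allocs = 0;
    struct model_bus *bus = model_alloc(sizeof(*bus));
    if (!bus) return -1;
    /* The fix sets UNREGISTERED before device_register() is called. */
    bus->state = fixed ? MDIOBUS_UNREGISTERED : MDIOBUS_ALLOCATED;
    (void)model_device_register(bus);
    void *priv = bus->dev_private;
    model_mdiobus_free(bus);
    int leaked = live_allocs;
    if (leaked) free(priv); /* tidy the model's own leak before returning */
    return leaked;
}
int main(void) {
    printf("before fix: %d leaked\n", leaked_after_failed_register(0));
    printf("after fix:  %d leaked\n", leaked_after_failed_register(1));
    return 0;
}
```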