PT-2024-11239 · Linux+2 · Linux Kernel+2

Syzbot

Published

2021-06-16

Updated

2025-06-18

CVE-2021-47231

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak has been reported in the SocketCAN driver for Microchip CAN BUS Analyzer Tool. The issue arises from unfreed usb coherent buffers in the mcba usb start() function. Specifically, 20 coherent buffers are allocated, but there is no mechanism to free them: in the callback function, the urb is resubmitted without freeing the buffers, and in the disconnect function, urbs are killed without setting the URB FREE BUFFER flag, which cannot be used with coherent buffers. This results in suspected memory leaks, as indicated by the fail log showing 20 new suspected memory leaks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-402CWE-401

Related Identifiers

BDU:2025-07371

CVE-2021-47231

OESA-2024-1767

OPENSUSE-SU-2024_2185-1

SUSE-SU-2024:1979-1

SUSE-SU-2024:1983-1

SUSE-SU-2024:2010-1

SUSE-SU-2024:2183-1

SUSE-SU-2024:2184-1

SUSE-SU-2024:2185-1

SUSE-SU-2025:01995-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2024-11239 · Linux+2 · Linux Kernel+2

CVE-2021-47231

Weakness Enumeration

Related Identifiers

Affected Products

References · 852