CVE-2021-46985

low-risk
Published 2024-02-28

In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpi_device_set_name()' fails, we must free 'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (2)

Affected Vendors

Linux

References (16)

Patch https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87
Patch https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b
Patch https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712
Patch https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5
Patch https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4
Patch https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb
Patch https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72
Patch https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a
Patch https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87
Patch https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b
Patch https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712
Patch https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5
Patch https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4
Patch https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb
Patch https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72
Patch https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a
25
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 7/34 · Low