Bug 1225456 (CVE-2021-47543)

Summary: VUL-0: REJECTED: CVE-2021-47543: kernel: perf report: Fix memory leaks around perf_tip()
Product: [Novell Products] SUSE Security Incidents Reporter: SMASH SMASH <smash_bz>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED INVALID QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: andrea.mattiazzo, jlee, mhocko, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/407703/
Whiteboard: CVSSv3.1:SUSE:CVE-2021-47543:3.3:(AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description SMASH SMASH 2024-05-28 09:22:05 UTC 
In the Linux kernel, the following vulnerability has been resolved:

perf report: Fix memory leaks around perf_tip()

perf_tip() may allocate memory or use a literal, this means memory
wasn't freed if allocated. Change the API so that literals aren't used.

At the same time add missing frees for system_path. These issues were
spotted using leak sanitizer.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47543
https://www.cve.org/CVERecord?id=CVE-2021-47543
https://git.kernel.org/stable/c/71e284dcebecb9fd204ff11097469cc547723ad1
https://git.kernel.org/stable/c/d9fc706108c15f8bc2d4ccccf8e50f74830fabd9
https://git.kernel.org/stable/c/df5990db088d4c7fea9a2f9b8195a7859e1768c4
https://git.kernel.org/stable/c/ff061b5bda73c4f785b4703eeb0848fd99e5608a
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2021/CVE-2021-47543.mbox
https://bugzilla.redhat.com/show_bug.cgi?id=2283407
Comment 3 Tony Jones 2024-06-06 23:41:12 UTC 
Based on the fixing commit (d9fc706108c15f8bc2d4ccccf8e50f74830fabd9) this is a userspace leak (tools/perf).  Which can occur when running 'perf report' which has a generally short lived lifespan.  

How on earth did this get a CVE assigned?   From 2021?

I really don't see that this is anything we need to be concerned with.  Also due to the high level of code churn in perf userspace,  backports are more challenging than for the kernel code.
Comment 8 Andrea Mattiazzo 2024-06-14 09:57:40 UTC 
CVE is now rejected. https://lore.kernel.org/linux-cve-announce/2024061337-delegator-chafe-bf6d@gregkh/

Thanks all. Closing.