Bugzilla – Bug 1225083
VUL-0: CVE-2021-47329: kernel: scsi: megaraid_sas: Fix resource leak in case of probe failure
Last modified: 2024-06-24 20:32:17 UTC
In the Linux kernel, the following vulnerability has been resolved:

scsi: megaraid_sas: Fix resource leak in case of probe failure

The driver doesn't clean up all the allocated resources properly when scsi_add_host(), megasas_start_aen() function fails during the PCI device probe. Clean up all those resources.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-47329
https://www.cve.org/CVERecord?id=CVE-2021-47329
https://git.kernel.org/stable/c/04b6b9ea80906e3b41ff120b45db31768947cf72
https://git.kernel.org/stable/c/0680db6f41920b2c91c7df3cc9cd5968701a6f74
https://git.kernel.org/stable/c/0c6226601c3e191a44a57d8f9f814b7e5c308959
https://git.kernel.org/stable/c/b5438f48fdd8e1c3f130d32637511efd32038152
https://git.kernel.org/stable/c/e623f79691c5104317669ab36ec316a90c05062f
https://git.kernel.org/pub/scm/linux/security/vulns.git/plain/cve/published/2021/CVE-2021-47329.mbox
https://bugzilla.redhat.com/show_bug.cgi?id=2282432
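A userspace model of the bug class in the description above, added here as an illustration; it is not the megaraid_sas code or the upstream fix. The step numbers, the `live` counter and the fault injection are constructed assumptions; steps 3 and 4 stand in for the scsi_add_host() and megasas_start_aen() failure points the description names.

```c
#include <stdio.h>

/* Userspace model, not driver code: every successful step holds one
 * resource, so a leak is a non-zero count left after a failed probe. */
static int live;      /* resources currently held */
static int fail_at;   /* constructed fault injection: the step that fails */

static int step(int n)          /* one allocation or registration */
{
    if (n == fail_at)
        return -1;
    live++;
    return 0;
}

static void undo(void) { live--; }

/* Before: the two late steps (standing in for scsi_add_host() and
 * megasas_start_aen()) return without releasing earlier acquisitions. */
static int probe_leaky(void)
{
    if (step(1)) return -1;
    if (step(2)) { undo(); return -1; }
    if (step(3)) return -1;     /* leaks what steps 1 and 2 acquired */
    if (step(4)) return -1;     /* leaks what steps 1, 2 and 3 acquired */
    return 0;
}

/* After: one unwind ladder; each label releases, in reverse order,
 * exactly what was acquired before the failing step. */
static int probe_fixed(void)
{
    if (step(1)) goto fail;
    if (step(2)) goto undo1;
    if (step(3)) goto undo2;
    if (step(4)) goto undo3;
    return 0;
undo3: undo();
undo2: undo();
undo1: undo();
fail:  return -1;
}

/* Run a probe with a failure injected at `at`; return resources left held. */
static int leaked_after(int (*probe)(void), int at)
{
    live = 0;
    fail_at = at;
    return probe() == 0 ? 0 : live;
}

int main(void)
{
    for (int at = 1; at <= 4; at++)
        printf("fail at step %d: leaky=%d fixed=%d\n", at,
               leaked_after(probe_leaky, at), leaked_after(probe_fixed, at));
    return 0;
}
```

Injecting the failure at every step in turn is the useful check: the early error paths are clean in both versions, and only the late ones show a difference.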
Is this even a security bug? Can anybody trigger the probe failure intentionally?
SUSE-SU-2024:2010-1: An update that solves 186 vulnerabilities and has 27 security fixes can now be installed.

Category: security (important)
Maintenance Incident: [SUSE:Maintenance:34219](https://smelt.suse.de/incident/34219/)

Sources used:
SUSE Linux Enterprise Micro 5.1 (src): kernel-source-rt-5.3.18-150300.172.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-source-rt-5.3.18-150300.172.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-source-rt-5.3.18-150300.172.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
(In reply to Michal Hocko from comment #2)
> Is this even a security bug? Can anybody trigger the probe failure
> intentionally?

No. That requires a dodgy HW to start with. I can't see how this could be a security bug.
This issue is only relevant if
a) the attacker is root
b) the attacker has the ability to load and unload kernel modules
c) the system has the respective PCI HBA
d) that HBA is faulty
e) the faulty HBA does not serve the root filesystem

It is not possible to induce the described failure from the outside; it is a real hardware issue pointing to faulty hardware. And faulty hardware is known to cause various issues, up to and including a system lockup.

Additionally, nearly all systems I know of use that HBA to serve the root filesystem, i.e. a failure of loading means the system won't even boot.

All of which makes it highly unlikely to be exploitable remotely. Additionally, an exploit will only work if the hardware had been faulty in the first place, and any environment which allows that to happen undetected probably won't care much about security, either.
SUSE-SU-2024:2185-1: An update that solves 187 vulnerabilities and has 26 security fixes can now be installed.

Category: security (important)
Maintenance Incident: [SUSE:Maintenance:34168](https://smelt.suse.de/incident/34168/)

Sources used:
openSUSE Leap 15.3 (src): kernel-obs-build-5.3.18-150300.59.164.1, kernel-syms-5.3.18-150300.59.164.1, kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1, kernel-livepatch-SLE15-SP3_Update_45-1-150300.7.3.1, kernel-source-5.3.18-150300.59.164.1, kernel-obs-qa-5.3.18-150300.59.164.1
SUSE Linux Enterprise Live Patching 15-SP3 (src): kernel-livepatch-SLE15-SP3_Update_45-1-150300.7.3.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.164.1, kernel-source-5.3.18-150300.59.164.1, kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1, kernel-syms-5.3.18-150300.59.164.1
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): kernel-obs-build-5.3.18-150300.59.164.1, kernel-source-5.3.18-150300.59.164.1, kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1, kernel-syms-5.3.18-150300.59.164.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): kernel-obs-build-5.3.18-150300.59.164.1, kernel-source-5.3.18-150300.59.164.1, kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1, kernel-syms-5.3.18-150300.59.164.1
SUSE Enterprise Storage 7.1 (src): kernel-obs-build-5.3.18-150300.59.164.1, kernel-source-5.3.18-150300.59.164.1, kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1, kernel-syms-5.3.18-150300.59.164.1
SUSE Linux Enterprise Micro 5.1 (src): kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1
SUSE Linux Enterprise Micro 5.2 (src): kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1
SUSE Linux Enterprise Micro for Rancher 5.2 (src): kernel-default-base-5.3.18-150300.59.164.1.150300.18.96.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.