CVE-2021-46985

ACPI: scan: Fix a memory leak in an error handling path

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpi_device_set_name()' fails, we must free 'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.03%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/6901a4f795e0e8d65ae779cb37fc22e0bf294712 patch
https://git.kernel.org/stable/c/5ab9857dde7c3ea3faef6b128d718cf8ba98721b patch
https://git.kernel.org/stable/c/69cc821e89ce572884548ac54c4f80eec7a837a5 patch
https://git.kernel.org/stable/c/dafd4c0b5e835db020cff11c74b4af9493a58e72 patch
https://git.kernel.org/stable/c/e2381174daeae0ca35eddffef02dcc8de8c1ef8a patch
https://git.kernel.org/stable/c/c5c8f6ffc942cf42f990f22e35bcf4cbe9d8c2fb patch
https://git.kernel.org/stable/c/a7e17a8d421ae23c920240625b4413c7b94d94a4 patch
https://git.kernel.org/stable/c/0c8bd174f0fc131bc9dfab35cd8784f59045da87 patch

Frequently Asked Questions

What is the severity of CVE-2021-46985?
CVE-2021-46985 has been scored as a medium severity vulnerability.
How to fix CVE-2021-46985?
To fix CVE-2021-46985, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2021-46985 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-46985 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-46985?
CVE-2021-46985 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.