CVE-2021-47133: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

HID: amd_sfh: Fix memory leak in amd_sfh_work

Kmemleak tool detected a memory leak in the amd_sfh driver.

====================
unreferenced object 0xffff88810228ada0 (size 32):
  comm "insmod", pid 3968, jiffies 4295056001 (age 775.792s)
  hex dump (first 32 bytes):
    00 20 73 1f 81 88 ff ff 00 01 00 00 00 00 ad de  . s.............
    22 01 00 00 00 00 ad de 01 00 02 00 00 00 00 00  "...............
  backtrace:
    [<000000007b4c8799>] kmem_cache_alloc_trace+0x163/0x4f0
    [<0000000005326893>] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh]
    [<000000002a9e5ec4>] amdtp_hid_request+0x62/0x80 [amd_sfh]
    [<00000000b8a95807>] sensor_hub_get_feature+0x145/0x270 [hid_sensor_hub]
    [<00000000fda054ee>] hid_sensor_parse_common_attributes+0x215/0x460 [hid_sensor_iio_common]
    [<0000000021279ecf>] hid_accel_3d_probe+0xff/0x4a0 [hid_sensor_accel_3d]
    [<00000000915760ce>] platform_probe+0x6a/0xd0
    [<0000000060258a1f>] really_probe+0x192/0x620
    [<00000000fa812f2d>] driver_probe_device+0x14a/0x1d0
    [<000000005e79f7fd>] __device_attach_driver+0xbd/0x110
    [<0000000070d15018>] bus_for_each_drv+0xfd/0x160
    [<0000000013a3c312>] __device_attach+0x18b/0x220
    [<000000008c7b4afc>] device_initial_probe+0x13/0x20
    [<00000000e6e99665>] bus_probe_device+0xfe/0x120
    [<00000000833fa90b>] device_add+0x6a6/0xe00
    [<00000000fa901078>] platform_device_add+0x180/0x380
====================

The fix is to free the request_list entry once the processed entry is removed from the request_list.
AI Analysis
Technical Summary
CVE-2021-47133 is a vulnerability identified in the Linux kernel specifically within the amd_sfh driver, which is part of the Human Interface Device (HID) subsystem. The issue was detected by the kernel memory leak detection tool, kmemleak, which found that the amd_sfh driver failed to properly free memory allocations related to the request_list entries. This memory leak occurs when processed entries are removed from the request_list but the associated memory is not released, leading to unreferenced objects accumulating in kernel memory. The technical details show a backtrace through various kernel functions involved in memory allocation and HID sensor processing, indicating the leak occurs during HID sensor hub operations related to AMD hardware. The fix implemented involves ensuring that the request_list entries are freed once they are processed and removed, preventing the leak.

Although this vulnerability does not have a CVSS score and no known exploits have been reported in the wild, it represents a resource management flaw in a critical kernel component. Over time, such memory leaks can degrade system stability, cause increased memory consumption, and potentially lead to denial of service (DoS) conditions if the system runs out of kernel memory.

Since the vulnerability affects the Linux kernel, it impacts a wide range of Linux distributions and devices running affected kernel versions, particularly those using AMD sensor hardware components interfacing through the amd_sfh driver. The affected versions are identified by specific kernel commit hashes, indicating the issue is present in certain kernel builds prior to the fix. This vulnerability is primarily a reliability and availability concern rather than a direct confidentiality or integrity compromise, as it does not appear to allow privilege escalation or arbitrary code execution.
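The leak pattern described above, reduced to a user-space C model; this is an added example, not code from the amd_sfh driver or the kernel patch. The names struct request, req_alloc and run_cycles and the 8-slot pool are assumptions chosen to show how unlinking without freeing ends in allocation failure.

```c
#include <stdio.h>

#define POOL_SLOTS 8    /* constructed: stands in for finite kernel memory */

struct request { struct request *next; int in_use; };   /* assumed entry layout */
static struct request pool[POOL_SLOTS];

static struct request *req_alloc(void)
{
    for (int i = 0; i < POOL_SLOTS; i++)
        if (!pool[i].in_use) {
            pool[i].in_use = 1;
            return &pool[i];
        }
    return NULL;        /* pool exhausted: allocation fails */
}

/* Each cycle queues one request, then a worker drains the list.
 * free_on_remove = 0 models the leak, 1 models the corrected worker.
 * Returns the number of cycles completed before allocation failed. */
int run_cycles(int cycles, int free_on_remove)
{
    struct request *list = NULL;
    int done = 0;

    for (int i = 0; i < POOL_SLOTS; i++)
        pool[i].in_use = 0;
    for (; done < cycles; done++) {
        struct request *r = req_alloc();
        if (!r)
            break;
        r->next = list;
        list = r;
        while (list) {                  /* worker: process and unlink */
            struct request *e = list;
            list = e->next;             /* last reference to e is dropped */
            if (free_on_remove)
                e->in_use = 0;          /* release the entry after removal */
        }
    }
    return done;
}

int main(void)
{
    printf("leaky: %d cycles, fixed: %d cycles\n", run_cycles(100, 0), run_cycles(100, 1));
    return 0;
}
```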
Potential Impact
For European organizations, the impact of CVE-2021-47133 centers on system stability and availability. Enterprises relying on Linux servers, workstations, or embedded devices with AMD hardware that utilize the amd_sfh driver could experience gradual memory exhaustion leading to degraded performance or system crashes. This is particularly relevant for data centers, cloud providers, and critical infrastructure operators in Europe that deploy Linux-based systems extensively. The memory leak could cause intermittent service disruptions or require more frequent reboots and maintenance, impacting operational continuity. While the vulnerability does not directly expose sensitive data or allow attacker control, the resulting denial of service conditions could indirectly affect business operations, especially in environments requiring high availability. Additionally, organizations with stringent uptime requirements or those running real-time or embedded Linux systems may face increased risk. The absence of known exploits reduces immediate threat levels, but the vulnerability should be addressed proactively to avoid potential exploitation or system degradation over time.
Mitigation Recommendations
To mitigate CVE-2021-47133, European organizations should:
1) Apply the latest Linux kernel updates that include the patch fixing the memory leak in the amd_sfh driver. This is the most effective and definitive mitigation.
2) Identify and inventory systems running affected kernel versions and verify if the amd_sfh driver is in use, focusing on AMD hardware platforms that interface with HID sensor hubs.
3) Monitor system memory usage and kernel logs for signs of memory leaks or instability related to HID sensor operations.
4) For environments where immediate patching is not feasible, consider disabling the amd_sfh driver if it is not critical to system functionality, to prevent the leak from occurring.
5) Implement robust system monitoring and alerting to detect early signs of resource exhaustion or performance degradation.
6) Engage with Linux distribution vendors or support channels to ensure timely receipt of security updates and advisories related to this vulnerability.
7) For embedded or specialized systems, coordinate with hardware and software vendors to obtain patched kernel versions or firmware updates addressing this issue.
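For step 3, one way to triage kmemleak output per module, given as an added example that is not part of the advisory or the kernel tree. It assumes a kernel built with kmemleak and report text read from /sys/kernel/debug/kmemleak; count_module_leaks is a hypothetical helper, the first sample record is trimmed from the report above and the second is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Sample report: first record trimmed from the advisory, second constructed. */
static const char sample[] =
    "unreferenced object 0xffff88810228ada0 (size 32):\n"
    "  backtrace:\n"
    "    [<000000007b4c8799>] kmem_cache_alloc_trace+0x163/0x4f0\n"
    "    [<0000000005326893>] amd_sfh_get_report+0xa4/0x1d0 [amd_sfh]\n"
    "    [<000000002a9e5ec4>] amdtp_hid_request+0x62/0x80 [amd_sfh]\n"
    "unreferenced object 0xffff000000000000 (size 64):\n"
    "  backtrace:\n"
    "    [<0000000000000000>] example_alloc+0x10/0x20 [example_mod]\n";

/* Count kmemleak records with at least one backtrace frame in `module`
 * and add up their sizes in *bytes. Hypothetical helper, not a kernel API. */
int count_module_leaks(const char *report, const char *module, unsigned long *bytes)
{
    char needle[64], buf[256];
    unsigned long size = 0;
    int counted = 1, hits = 0;      /* counted stays 1 until a record header is seen */

    snprintf(needle, sizeof(needle), "[%s]", module);
    *bytes = 0;
    for (const char *line = report; line && *line; ) {
        const char *eol = strchr(line, '\n');
        size_t len = eol ? (size_t)(eol - line) : strlen(line);
        if (len >= sizeof(buf))
            len = sizeof(buf) - 1;          /* truncate over-long lines */
        memcpy(buf, line, len);
        buf[len] = '\0';
        if (sscanf(buf, " unreferenced object %*s (size %lu):", &size) == 1) {
            counted = 0;                    /* new record header */
        } else if (!counted && strstr(buf, needle)) {
            hits++;                         /* count each record once */
            *bytes += size;
            counted = 1;
        }
        line = eol ? eol + 1 : NULL;
    }
    return hits;
}

int main(void)
{
    unsigned long bytes;
    int n = count_module_leaks(sample, "amd_sfh", &bytes);
    printf("%d leaked object(s), %lu bytes, with amd_sfh frames\n", n, bytes);
    return 0;
}
```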
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden, Finland, Belgium
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-03-04T18:12:48.840Z
- Cisa Enriched: true
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9834c4522896dcbe9e17
Added to database: 5/21/2025, 9:09:08 AM
Last enriched: 6/26/2025, 7:51:12 PM
Last updated: 8/16/2025, 7:58:07 AM