CVE-2021-47443
📋 TL;DR
This is a memory leak vulnerability in the Linux kernel's NFC (Near Field Communication) subsystem. When the digital_tg_listen_mdaa() function fails to send a command, it doesn't properly free allocated memory, causing gradual memory exhaustion. This affects Linux systems with NFC hardware and the digital NFC driver enabled.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or kernel panic/crash.
Likely Case
Gradual memory consumption leading to performance degradation and potential system instability over time.
If Mitigated
Minimal impact if NFC functionality is disabled or unused, or if the system has sufficient memory headroom.
🎯 Exploit Status
Requires ability to trigger the vulnerable NFC function, which typically requires local access and NFC hardware interaction.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patched in stable kernel versions via the provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9
Restart Required: Yes
Instructions:
1. Update Linux kernel to a version containing the fix. 2. Check if your distribution has released a security update. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable NFC subsystem
linuxPrevent loading of NFC modules to eliminate attack surface
modprobe -r nfc
echo 'blacklist nfc' >> /etc/modprobe.d/blacklist.conf
Disable digital NFC driver
linuxSpecifically prevent loading of the vulnerable digital NFC driver
modprobe -r nfc_digital
echo 'blacklist nfc_digital' >> /etc/modprobe.d/blacklist.conf
🧯 If You Can't Patch
- Disable all NFC functionality if not required
- Implement memory monitoring and alerting for abnormal consumption patterns
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if NFC digital driver is loaded: 'lsmod | grep nfc_digital' and 'uname -r'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated beyond vulnerable versions and NFC modules are either updated or disabled📡 Detection & Monitoring
Log Indicators:
- Kernel oom (out of memory) messages
- System memory exhaustion alerts
- NFC-related error messages in kernel logs
Network Indicators:
- N/A - This is a local memory management issue
SIEM Query:
source="kernel" AND ("out of memory" OR "oom" OR "nfc")🔗 References
- https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9
- https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5
- https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c
- https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907
- https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed
- https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416
- https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e
- https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b
- https://git.kernel.org/stable/c/3f2960b39f22e26cf8addae93c3f5884d1c183c9
- https://git.kernel.org/stable/c/429054ec51e648d241a7e0b465cf44f6633334c5
- https://git.kernel.org/stable/c/564249219e5b5673a8416b5181875d828c3f1e8c
- https://git.kernel.org/stable/c/58e7dcc9ca29c14e44267a4d0ea61e3229124907
- https://git.kernel.org/stable/c/7ab488d7228a9dceb2456867f1f0919decf6efed
- https://git.kernel.org/stable/c/9881b0c860649f27ef2565deef011e516390f416
- https://git.kernel.org/stable/c/a67d47e32c91e2b10402cb8c081774cbf08edb2e
- https://git.kernel.org/stable/c/b7b023e6ff567e991c31cd425b0e1d16779c938b
