Vulnerability-Lookup

alsa-2024:4352

Vulnerability from osv_almalinux

Published

2024-07-08 00:00

Modified

2024-07-08 18:07

Summary

Important: kernel-rt security and bug fix update

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

kernel: tls (CVE-2024-26585,CVE-2024-26584, CVE-2024-26583
kernel-rt: kernel: PCI interrupt mapping cause oops [almalinux-8] (CVE-2021-46909)
kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)
kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng (CVE-2023-52615)
kernel-rt: kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)
kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset CVE-2024-26801)
kernel: Squashfs: check the inode number is not the invalid value of zero (CVE-2024-26982)
kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)
kernel: wifi: mac80211: (CVE-2024-35789, CVE-2024-35838, CVE-2024-35845)
kernel: wifi: nl80211: reject iftype change with mesh ID change (CVE-2024-27410)
kernel: perf/core: Bail out early if the request AUX area is out of bound (CVE-2023-52835)
kernel:TCP-spoofed ghost ACKs and leak initial sequence number (CVE-2023-52881)
kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555)
kernel: ovl: fix leaked dentry (CVE-2021-46972)
kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (CVE-2021-47073)
kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions() (CVE-2023-52560)
kernel: ppp_async: limit MRU to 64K (CVE-2024-26675)
kernel: mm/swap: fix race when skipping swapcache (CVE-2024-26759)
kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment (CVE-2024-26907)
kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906)
kernel: net: ip_tunnel: prevent perpetual headroom growth (CVE-2024-26804)
kernel: net/usb: kalmia: avoid printing uninitialized value on error path (CVE-2023-52703)
kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs (CVE-2023-5090)
kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c (CVE-2023-52464)
kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)
kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)
kernel: net/bnx2x: Prevent access to a freed page in page_pool (CVE-2024-26859)
kernel: crypto: (CVE-2024-26974, CVE-2023-52813)
kernel: can: (CVE-2023-52878, CVE-2021-47456)
kernel: usb: (CVE-2023-52781, CVE-2023-52877)
kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)
kernel: usbnet: sanity check for maxpacket (CVE-2021-47495)
kernel: gro: fix ownership transfer (CVE-2024-35890)
kernel: erspan: make sure erspan_base_hdr is present in skb->head (CVE-2024-35888)
kernel: tipc: fix kernel warning when sending SYN message (CVE-2023-52700)
kernel: net/mlx5/mlxsw: (CVE-2024-35960, CVE-2024-36007, CVE-2024-35855)
kernel: net/mlx5e: (CVE-2024-35959, CVE-2023-52626, CVE-2024-35835)
kernel: mlxsw: (CVE-2024-35854, CVE-2024-35853, CVE-2024-35852)
kernel: net: (CVE-2024-35958, CVE-2021-47311, CVE-2021-47236, CVE-2021-47310)
kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (CVE-2024-36004)
kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)
kernel: udf: Fix NULL pointer dereference in udf_symlink function (CVE-2021-47353)

Bug Fix(es):

kernel-rt: update RT source tree to the latest AlmaLinux-8.10.z kernel (JIRA:AlmaLinux-40882)
[almalinux8.9][cxgb4]BUG: using smp_processor_id() in preemptible [00000000] code: ethtool/54735 (JIRA:AlmaLinux-8779)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

URL

Type

	https://access.redhat.com/errata/RHSA-2024:4352	ADVISORY
	https://access.redhat.com/security/cve/CVE-2020-26555	REPORT
	https://access.redhat.com/security/cve/CVE-2021-46909	REPORT
	https://access.redhat.com/security/cve/CVE-2021-46972	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47069	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47073	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47236	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47310	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47311	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47353	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47356	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47456	REPORT
	https://access.redhat.com/security/cve/CVE-2021-47495	REPORT
	https://access.redhat.com/security/cve/CVE-2023-5090	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52464	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52560	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52615	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52626	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52667	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52700	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52703	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52781	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52813	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52835	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52877	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52878	REPORT
	https://access.redhat.com/security/cve/CVE-2023-52881	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26583	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26584	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26585	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26656	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26675	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26735	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26759	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26801	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26804	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26826	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26859	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26906	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26907	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26974	REPORT
	https://access.redhat.com/security/cve/CVE-2024-26982	REPORT
	https://access.redhat.com/security/cve/CVE-2024-27397	REPORT
	https://access.redhat.com/security/cve/CVE-2024-27410	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35789	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35835	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35838	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35845	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35852	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35853	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35854	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35855	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35888	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35890	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35958	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35959	REPORT
	https://access.redhat.com/security/cve/CVE-2024-35960	REPORT
	https://access.redhat.com/security/cve/CVE-2024-36004	REPORT
	https://access.redhat.com/security/cve/CVE-2024-36007	REPORT
	https://bugzilla.redhat.com/1918601	REPORT
	https://bugzilla.redhat.com/2248122	REPORT
	https://bugzilla.redhat.com/2258875	REPORT
	https://bugzilla.redhat.com/2265517	REPORT
	https://bugzilla.redhat.com/2265519	REPORT
	https://bugzilla.redhat.com/2265520	REPORT
	https://bugzilla.redhat.com/2265800	REPORT
	https://bugzilla.redhat.com/2266408	REPORT
	https://bugzilla.redhat.com/2266831	REPORT
	https://bugzilla.redhat.com/2267513	REPORT
	https://bugzilla.redhat.com/2267518	REPORT
	https://bugzilla.redhat.com/2267730	REPORT
	https://bugzilla.redhat.com/2270093	REPORT
	https://bugzilla.redhat.com/2271680	REPORT
	https://bugzilla.redhat.com/2272692	REPORT
	https://bugzilla.redhat.com/2272829	REPORT
	https://bugzilla.redhat.com/2273204	REPORT
	https://bugzilla.redhat.com/2273278	REPORT
	https://bugzilla.redhat.com/2273423	REPORT
	https://bugzilla.redhat.com/2273429	REPORT
	https://bugzilla.redhat.com/2275604	REPORT
	https://bugzilla.redhat.com/2275633	REPORT
	https://bugzilla.redhat.com/2275635	REPORT
	https://bugzilla.redhat.com/2275733	REPORT
	https://bugzilla.redhat.com/2278337	REPORT
	https://bugzilla.redhat.com/2278354	REPORT
	https://bugzilla.redhat.com/2280434	REPORT
	https://bugzilla.redhat.com/2281057	REPORT
	https://bugzilla.redhat.com/2281113	REPORT
	https://bugzilla.redhat.com/2281157	REPORT
	https://bugzilla.redhat.com/2281165	REPORT
	https://bugzilla.redhat.com/2281251	REPORT
	https://bugzilla.redhat.com/2281253	REPORT
	https://bugzilla.redhat.com/2281255	REPORT
	https://bugzilla.redhat.com/2281257	REPORT
	https://bugzilla.redhat.com/2281272	REPORT
	https://bugzilla.redhat.com/2281350	REPORT
	https://bugzilla.redhat.com/2281689	REPORT
	https://bugzilla.redhat.com/2281693	REPORT
	https://bugzilla.redhat.com/2281920	REPORT
	https://bugzilla.redhat.com/2281923	REPORT
	https://bugzilla.redhat.com/2281925	REPORT
	https://bugzilla.redhat.com/2281953	REPORT
	https://bugzilla.redhat.com/2281986	REPORT
	https://bugzilla.redhat.com/2282394	REPORT
	https://bugzilla.redhat.com/2282400	REPORT
	https://bugzilla.redhat.com/2282471	REPORT
	https://bugzilla.redhat.com/2282472	REPORT
	https://bugzilla.redhat.com/2282581	REPORT
	https://bugzilla.redhat.com/2282609	REPORT
	https://bugzilla.redhat.com/2282612	REPORT
	https://bugzilla.redhat.com/2282653	REPORT
	https://bugzilla.redhat.com/2282680	REPORT
	https://bugzilla.redhat.com/2282698	REPORT
	https://bugzilla.redhat.com/2282712	REPORT
	https://bugzilla.redhat.com/2282735	REPORT
	https://bugzilla.redhat.com/2282902	REPORT
	https://bugzilla.redhat.com/2282920	REPORT
	https://errata.almalinux.org/8/ALSA-2024-4352.html	ADVISORY

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-kvm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-debug-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-devel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-kvm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-modules"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "AlmaLinux:8",
        "name": "kernel-rt-modules-extra"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.18.0-553.8.1.rt7.349.el8_10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "details": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: tls (CVE-2024-26585,CVE-2024-26584, CVE-2024-26583\n* kernel-rt: kernel: PCI interrupt mapping cause oops [almalinux-8] (CVE-2021-46909)\n* kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (CVE-2021-47069)\n* kernel: hwrng: core - Fix page fault dead lock on mmap-ed hwrng (CVE-2023-52615)\n* kernel-rt: kernel: drm/amdgpu: use-after-free vulnerability (CVE-2024-26656)\n* kernel: Bluetooth: Avoid potential use-after-free in hci_error_reset CVE-2024-26801)\n* kernel: Squashfs: check the inode number is not the invalid value of zero  (CVE-2024-26982)\n* kernel: netfilter: nf_tables: use timestamp to check for set element timeout (CVE-2024-27397)\n* kernel: wifi: mac80211: (CVE-2024-35789, CVE-2024-35838, CVE-2024-35845)\n* kernel: wifi: nl80211: reject iftype change with mesh ID change (CVE-2024-27410)\n* kernel: perf/core: Bail out early if the request AUX area is out of bound (CVE-2023-52835)\n* kernel:TCP-spoofed ghost ACKs and leak initial sequence number (CVE-2023-52881)\n* kernel: Bluetooth BR/EDR PIN Pairing procedure is vulnerable to an impersonation attack (CVE-2020-26555)\n* kernel: ovl: fix leaked dentry (CVE-2021-46972)\n* kernel: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (CVE-2021-47073)\n* kernel: mm/damon/vaddr-test: memory leak in damon_do_test_apply_three_regions() (CVE-2023-52560)\n* kernel: ppp_async: limit MRU to 64K (CVE-2024-26675)\n* kernel: mm/swap: fix race when skipping swapcache (CVE-2024-26759)\n* kernel: RDMA/mlx5: Fix fortify source warning while accessing Eth segment (CVE-2024-26907)\n* kernel: x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (CVE-2024-26906)\n* kernel: net: ip_tunnel: prevent perpetual headroom growth (CVE-2024-26804)\n* kernel: net/usb: kalmia: avoid printing uninitialized value on error path (CVE-2023-52703)\n* kernel: KVM: SVM: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs (CVE-2023-5090)\n* kernel: EDAC/thunderx: Incorrect buffer size in drivers/edac/thunderx_edac.c (CVE-2023-52464)\n* kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735)\n* kernel: mptcp: fix data re-injection from stale subflow (CVE-2024-26826)\n* kernel: net/bnx2x: Prevent access to a freed page in page_pool (CVE-2024-26859)\n* kernel: crypto: (CVE-2024-26974, CVE-2023-52813)\n* kernel: can: (CVE-2023-52878, CVE-2021-47456)\n* kernel: usb: (CVE-2023-52781, CVE-2023-52877)\n* kernel: net/mlx5e: fix a potential double-free in fs_any_create_groups (CVE-2023-52667)\n* kernel: usbnet: sanity check for maxpacket (CVE-2021-47495)\n* kernel: gro: fix ownership transfer (CVE-2024-35890)\n* kernel: erspan: make sure erspan_base_hdr is present in skb-\u0026gt;head (CVE-2024-35888)\n* kernel: tipc: fix kernel warning when sending SYN message (CVE-2023-52700)\n* kernel: net/mlx5/mlxsw: (CVE-2024-35960, CVE-2024-36007, CVE-2024-35855)\n* kernel: net/mlx5e: (CVE-2024-35959, CVE-2023-52626, CVE-2024-35835)\n* kernel: mlxsw: (CVE-2024-35854, CVE-2024-35853, CVE-2024-35852)\n* kernel: net: (CVE-2024-35958, CVE-2021-47311, CVE-2021-47236, CVE-2021-47310)\n* kernel: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (CVE-2024-36004)\n* kernel: mISDN: fix possible use-after-free in HFC_cleanup() (CVE-2021-47356)\n* kernel: udf: Fix NULL pointer dereference in udf_symlink function (CVE-2021-47353)\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the latest AlmaLinux-8.10.z kernel (JIRA:AlmaLinux-40882)\n* [almalinux8.9][cxgb4]BUG: using smp_processor_id() in preemptible [00000000] code: ethtool/54735 (JIRA:AlmaLinux-8779)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
  "id": "ALSA-2024:4352",
  "modified": "2024-07-08T18:07:21Z",
  "published": "2024-07-08T00:00:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2024:4352"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2020-26555"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-46909"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-46972"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47069"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47073"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47236"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47310"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47311"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47353"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47356"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47456"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2021-47495"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-5090"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52464"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52560"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52615"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52626"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52667"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52700"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52703"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52781"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52813"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52835"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52877"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52878"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2023-52881"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26583"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26584"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26585"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26656"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26675"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26735"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26759"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26801"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26804"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26826"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26859"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26906"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26907"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26974"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-26982"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-27397"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-27410"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35789"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35835"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35838"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35845"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35852"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35853"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35854"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35855"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35888"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35890"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35958"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35959"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-35960"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-36004"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2024-36007"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/1918601"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2248122"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2258875"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2265517"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2265519"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2265520"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2265800"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2266408"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2266831"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2267513"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2267518"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2267730"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2270093"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2271680"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2272692"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2272829"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2273204"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2273278"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2273423"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2273429"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2275604"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2275633"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2275635"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2275733"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2278337"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2278354"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2280434"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281057"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281113"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281157"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281165"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281251"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281253"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281255"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281257"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281272"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281350"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281689"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281693"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281920"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281923"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281925"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281953"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2281986"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282394"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282400"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282471"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282472"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282581"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282609"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282612"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282653"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282680"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282698"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282712"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282735"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282902"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/2282920"
    },
    {
      "type": "ADVISORY",
      "url": "https://errata.almalinux.org/8/ALSA-2024-4352.html"
    }
  ],
  "related": [
    "CVE-2024-26585",
    "CVE-2024-26584",
    "CVE-2024-26583",
    "CVE-2021-46909",
    "CVE-2021-47069",
    "CVE-2023-52615",
    "CVE-2024-26656",
    "CVE-2024-26801",
    "CVE-2024-26982",
    "CVE-2024-27397",
    "CVE-2024-35789",
    "CVE-2024-35838",
    "CVE-2024-35845",
    "CVE-2024-27410",
    "CVE-2023-52835",
    "CVE-2023-52881",
    "CVE-2020-26555",
    "CVE-2021-46972",
    "CVE-2021-47073",
    "CVE-2023-52560",
    "CVE-2024-26675",
    "CVE-2024-26759",
    "CVE-2024-26907",
    "CVE-2024-26906",
    "CVE-2024-26804",
    "CVE-2023-52703",
    "CVE-2023-5090",
    "CVE-2023-52464",
    "CVE-2024-26735",
    "CVE-2024-26826",
    "CVE-2024-26859",
    "CVE-2024-26974",
    "CVE-2023-52813",
    "CVE-2023-52878",
    "CVE-2021-47456",
    "CVE-2023-52781",
    "CVE-2023-52877",
    "CVE-2023-52667",
    "CVE-2021-47495",
    "CVE-2024-35890",
    "CVE-2024-35888",
    "CVE-2023-52700",
    "CVE-2024-35960",
    "CVE-2024-36007",
    "CVE-2024-35855",
    "CVE-2024-35959",
    "CVE-2023-52626",
    "CVE-2024-35835",
    "CVE-2024-35854",
    "CVE-2024-35853",
    "CVE-2024-35852",
    "CVE-2024-35958",
    "CVE-2021-47311",
    "CVE-2021-47236",
    "CVE-2021-47310",
    "CVE-2024-36004",
    "CVE-2021-47356",
    "CVE-2021-47353"
  ],
  "summary": "Important: kernel-rt security and bug fix update"
}

CVE-2020-26555 (GCVE-0-2020-26555)

Vulnerability from cvelistv5 – Published: 2021-05-24 17:41 – Updated: 2025-11-04 19:12

Summary

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

4 references

URL	Tags
https://www.bluetooth.com/learn-about-bluetooth/k…	x_refsource_MISC
https://kb.cert.org/vuls/id/799380	x_refsource_MISC
https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
https://www.intel.com/content/www/us/en/security-…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T19:12:16.581Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://kb.cert.org/vuls/id/799380"
          },
          {
            "name": "FEDORA-2021-a35b44fd9f",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html"
          },
          {
            "url": "https://www.kb.cert.org/vuls/id/799380"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-08T17:06:22.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://kb.cert.org/vuls/id/799380"
        },
        {
          "name": "FEDORA-2021-a35b44fd9f",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-26555",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/",
              "refsource": "MISC",
              "url": "https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/"
            },
            {
              "name": "https://kb.cert.org/vuls/id/799380",
              "refsource": "MISC",
              "url": "https://kb.cert.org/vuls/id/799380"
            },
            {
              "name": "FEDORA-2021-a35b44fd9f",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-26555",
    "datePublished": "2021-05-24T17:41:15.000Z",
    "dateReserved": "2020-10-04T00:00:00.000Z",
    "dateUpdated": "2025-11-04T19:12:16.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-46909 (GCVE-0-2021-46909)

Vulnerability from cvelistv5 – Published: 2024-02-27 06:53 – Updated: 2026-05-11 13:44

Title

ARM: footbridge: fix PCI interrupt mapping

Summary

In the Linux kernel, the following vulnerability has been resolved: ARM: footbridge: fix PCI interrupt mapping Since commit 30fdfb929e82 ("PCI: Add a call to pci_assign_irq() in pci_device_probe()"), the PCI code will call the IRQ mapping function whenever a PCI driver is probed. If these are marked as __init, this causes an oops if a PCI driver is loaded or bound after the kernel has initialised.

Severity ?

No CVSS data available.

Assigner

Linux

References

6 references

URL	Tags
https://git.kernel.org/stable/c/532747fd5c7aaa17e…
https://git.kernel.org/stable/c/2643da6aa57920d91…
https://git.kernel.org/stable/c/871b569a3e67f570d…
https://git.kernel.org/stable/c/1fc087fdb98d556b4…
https://git.kernel.org/stable/c/c3efce8cc98073396…
https://git.kernel.org/stable/c/30e3b4f256b4e366a…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 30fdfb929e82450bbf3d0e0aba56efbc29b52b52 , < 532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf (git) Affected: 30fdfb929e82450bbf3d0e0aba56efbc29b52b52 , < 2643da6aa57920d9159a1a579fb04f89a2b0d29a (git) Affected: 30fdfb929e82450bbf3d0e0aba56efbc29b52b52 , < 871b569a3e67f570df9f5ba195444dc7c621293b (git) Affected: 30fdfb929e82450bbf3d0e0aba56efbc29b52b52 , < 1fc087fdb98d556b416c82ed6e3964a30885f47a (git) Affected: 30fdfb929e82450bbf3d0e0aba56efbc29b52b52 , < c3efce8cc9807339633ee30e39882f4c8626ee1d (git) Affected: 30fdfb929e82450bbf3d0e0aba56efbc29b52b52 , < 30e3b4f256b4e366a61658c294f6a21b8626dda7 (git)
Linux	Linux	Affected: 4.13 Unaffected: 0 , < 4.13 (semver) Unaffected: 4.14.232 , ≤ 4.14.* (semver) Unaffected: 4.19.189 , ≤ 4.19.* (semver) Unaffected: 5.4.114 , ≤ 5.4.* (semver) Unaffected: 5.10.32 , ≤ 5.10.* (semver) Unaffected: 5.11.16 , ≤ 5.11.* (semver) Unaffected: 5.12 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-46909",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-05T22:33:27.334758Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:15.270Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:17:42.879Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "arch/arm/mach-footbridge/cats-pci.c",
            "arch/arm/mach-footbridge/ebsa285-pci.c",
            "arch/arm/mach-footbridge/netwinder-pci.c",
            "arch/arm/mach-footbridge/personal-pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf",
              "status": "affected",
              "version": "30fdfb929e82450bbf3d0e0aba56efbc29b52b52",
              "versionType": "git"
            },
            {
              "lessThan": "2643da6aa57920d9159a1a579fb04f89a2b0d29a",
              "status": "affected",
              "version": "30fdfb929e82450bbf3d0e0aba56efbc29b52b52",
              "versionType": "git"
            },
            {
              "lessThan": "871b569a3e67f570df9f5ba195444dc7c621293b",
              "status": "affected",
              "version": "30fdfb929e82450bbf3d0e0aba56efbc29b52b52",
              "versionType": "git"
            },
            {
              "lessThan": "1fc087fdb98d556b416c82ed6e3964a30885f47a",
              "status": "affected",
              "version": "30fdfb929e82450bbf3d0e0aba56efbc29b52b52",
              "versionType": "git"
            },
            {
              "lessThan": "c3efce8cc9807339633ee30e39882f4c8626ee1d",
              "status": "affected",
              "version": "30fdfb929e82450bbf3d0e0aba56efbc29b52b52",
              "versionType": "git"
            },
            {
              "lessThan": "30e3b4f256b4e366a61658c294f6a21b8626dda7",
              "status": "affected",
              "version": "30fdfb929e82450bbf3d0e0aba56efbc29b52b52",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "arch/arm/mach-footbridge/cats-pci.c",
            "arch/arm/mach-footbridge/ebsa285-pci.c",
            "arch/arm/mach-footbridge/netwinder-pci.c",
            "arch/arm/mach-footbridge/personal-pci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.13"
            },
            {
              "lessThan": "4.13",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.232",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.189",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.114",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.32",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.12",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.232",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.189",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.114",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.32",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.16",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12",
                  "versionStartIncluding": "4.13",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: footbridge: fix PCI interrupt mapping\n\nSince commit 30fdfb929e82 (\"PCI: Add a call to pci_assign_irq() in\npci_device_probe()\"), the PCI code will call the IRQ mapping function\nwhenever a PCI driver is probed. If these are marked as __init, this\ncauses an oops if a PCI driver is loaded or bound after the kernel has\ninitialised."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:44:13.718Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/532747fd5c7aaa17ee5cf79f3e947c31eb0e35cf"
        },
        {
          "url": "https://git.kernel.org/stable/c/2643da6aa57920d9159a1a579fb04f89a2b0d29a"
        },
        {
          "url": "https://git.kernel.org/stable/c/871b569a3e67f570df9f5ba195444dc7c621293b"
        },
        {
          "url": "https://git.kernel.org/stable/c/1fc087fdb98d556b416c82ed6e3964a30885f47a"
        },
        {
          "url": "https://git.kernel.org/stable/c/c3efce8cc9807339633ee30e39882f4c8626ee1d"
        },
        {
          "url": "https://git.kernel.org/stable/c/30e3b4f256b4e366a61658c294f6a21b8626dda7"
        }
      ],
      "title": "ARM: footbridge: fix PCI interrupt mapping",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-46909",
    "datePublished": "2024-02-27T06:53:50.181Z",
    "dateReserved": "2024-02-25T13:45:52.718Z",
    "dateUpdated": "2026-05-11T13:44:13.718Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-46972 (GCVE-0-2021-46972)

Vulnerability from cvelistv5 – Published: 2024-02-27 18:47 – Updated: 2026-05-11 13:45

Title

ovl: fix leaked dentry

Summary

In the Linux kernel, the following vulnerability has been resolved: ovl: fix leaked dentry Since commit 6815f479ca90 ("ovl: use only uppermetacopy state in ovl_lookup()"), overlayfs doesn't put temporary dentry when there is a metacopy error, which leads to dentry leaks when shutting down the related superblock: overlayfs: refusing to follow metacopy origin for (/file0) ... BUG: Dentry (____ptrval____){i=3f33,n=file3} still in use (1) [unmount of overlay overlay] ... WARNING: CPU: 1 PID: 432 at umount_check.cold+0x107/0x14d CPU: 1 PID: 432 Comm: unmount-overlay Not tainted 5.12.0-rc5 #1 ... RIP: 0010:umount_check.cold+0x107/0x14d ... Call Trace: d_walk+0x28c/0x950 ? dentry_lru_isolate+0x2b0/0x2b0 ? __kasan_slab_free+0x12/0x20 do_one_tree+0x33/0x60 shrink_dcache_for_umount+0x78/0x1d0 generic_shutdown_super+0x70/0x440 kill_anon_super+0x3e/0x70 deactivate_locked_super+0xc4/0x160 deactivate_super+0xfa/0x140 cleanup_mnt+0x22e/0x370 __cleanup_mnt+0x1a/0x30 task_work_run+0x139/0x210 do_exit+0xb0c/0x2820 ? __kasan_check_read+0x1d/0x30 ? find_held_lock+0x35/0x160 ? lock_release+0x1b6/0x660 ? mm_update_next_owner+0xa20/0xa20 ? reacquire_held_locks+0x3f0/0x3f0 ? __sanitizer_cov_trace_const_cmp4+0x22/0x30 do_group_exit+0x135/0x380 __do_sys_exit_group.isra.0+0x20/0x20 __x64_sys_exit_group+0x3c/0x50 do_syscall_64+0x45/0x70 entry_SYSCALL_64_after_hwframe+0x44/0xae ... VFS: Busy inodes after unmount of overlay. Self-destruct in 5 seconds. Have a nice day... This fix has been tested with a syzkaller reproducer.

Severity ?

No CVSS data available.

Assigner

Linux

References

4 references

URL	Tags
https://git.kernel.org/stable/c/71d58457a8afc650d…
https://git.kernel.org/stable/c/cf3e3330bc5719fa9…
https://git.kernel.org/stable/c/d587cfaef72b1b6f4…
https://git.kernel.org/stable/c/eaab1d45cdb4bb0c8…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 6815f479ca90ee7fd2e28b2a420f796b974155fe , < 71d58457a8afc650da5d3292a7f7029317654d95 (git) Affected: 6815f479ca90ee7fd2e28b2a420f796b974155fe , < cf3e3330bc5719fa9d658e3e2f596bde89344a94 (git) Affected: 6815f479ca90ee7fd2e28b2a420f796b974155fe , < d587cfaef72b1b6f4b2774827123bce91f497cc8 (git) Affected: 6815f479ca90ee7fd2e28b2a420f796b974155fe , < eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41 (git)
Linux	Linux	Affected: 5.8 Unaffected: 0 , < 5.8 (semver) Unaffected: 5.10.35 , ≤ 5.10.* (semver) Unaffected: 5.11.19 , ≤ 5.11.* (semver) Unaffected: 5.12.2 , ≤ 5.12.* (semver) Unaffected: 5.13 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-46972",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T17:00:35.229463Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-28T17:00:43.713Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:17:42.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/overlayfs/namei.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "71d58457a8afc650da5d3292a7f7029317654d95",
              "status": "affected",
              "version": "6815f479ca90ee7fd2e28b2a420f796b974155fe",
              "versionType": "git"
            },
            {
              "lessThan": "cf3e3330bc5719fa9d658e3e2f596bde89344a94",
              "status": "affected",
              "version": "6815f479ca90ee7fd2e28b2a420f796b974155fe",
              "versionType": "git"
            },
            {
              "lessThan": "d587cfaef72b1b6f4b2774827123bce91f497cc8",
              "status": "affected",
              "version": "6815f479ca90ee7fd2e28b2a420f796b974155fe",
              "versionType": "git"
            },
            {
              "lessThan": "eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41",
              "status": "affected",
              "version": "6815f479ca90ee7fd2e28b2a420f796b974155fe",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/overlayfs/namei.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.8"
            },
            {
              "lessThan": "5.8",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.35",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.35",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.19",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.2",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.8",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\novl: fix leaked dentry\n\nSince commit 6815f479ca90 (\"ovl: use only uppermetacopy state in\novl_lookup()\"), overlayfs doesn\u0027t put temporary dentry when there is a\nmetacopy error, which leads to dentry leaks when shutting down the related\nsuperblock:\n\n  overlayfs: refusing to follow metacopy origin for (/file0)\n  ...\n  BUG: Dentry (____ptrval____){i=3f33,n=file3}  still in use (1) [unmount of overlay overlay]\n  ...\n  WARNING: CPU: 1 PID: 432 at umount_check.cold+0x107/0x14d\n  CPU: 1 PID: 432 Comm: unmount-overlay Not tainted 5.12.0-rc5 #1\n  ...\n  RIP: 0010:umount_check.cold+0x107/0x14d\n  ...\n  Call Trace:\n   d_walk+0x28c/0x950\n   ? dentry_lru_isolate+0x2b0/0x2b0\n   ? __kasan_slab_free+0x12/0x20\n   do_one_tree+0x33/0x60\n   shrink_dcache_for_umount+0x78/0x1d0\n   generic_shutdown_super+0x70/0x440\n   kill_anon_super+0x3e/0x70\n   deactivate_locked_super+0xc4/0x160\n   deactivate_super+0xfa/0x140\n   cleanup_mnt+0x22e/0x370\n   __cleanup_mnt+0x1a/0x30\n   task_work_run+0x139/0x210\n   do_exit+0xb0c/0x2820\n   ? __kasan_check_read+0x1d/0x30\n   ? find_held_lock+0x35/0x160\n   ? lock_release+0x1b6/0x660\n   ? mm_update_next_owner+0xa20/0xa20\n   ? reacquire_held_locks+0x3f0/0x3f0\n   ? __sanitizer_cov_trace_const_cmp4+0x22/0x30\n   do_group_exit+0x135/0x380\n   __do_sys_exit_group.isra.0+0x20/0x20\n   __x64_sys_exit_group+0x3c/0x50\n   do_syscall_64+0x45/0x70\n   entry_SYSCALL_64_after_hwframe+0x44/0xae\n  ...\n  VFS: Busy inodes after unmount of overlay. Self-destruct in 5 seconds.  Have a nice day...\n\nThis fix has been tested with a syzkaller reproducer."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:45:29.570Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/71d58457a8afc650da5d3292a7f7029317654d95"
        },
        {
          "url": "https://git.kernel.org/stable/c/cf3e3330bc5719fa9d658e3e2f596bde89344a94"
        },
        {
          "url": "https://git.kernel.org/stable/c/d587cfaef72b1b6f4b2774827123bce91f497cc8"
        },
        {
          "url": "https://git.kernel.org/stable/c/eaab1d45cdb4bb0c846bd23c3d666d5b90af7b41"
        }
      ],
      "title": "ovl: fix leaked dentry",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-46972",
    "datePublished": "2024-02-27T18:47:07.276Z",
    "dateReserved": "2024-02-27T18:42:55.943Z",
    "dateUpdated": "2026-05-11T13:45:29.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-47069 (GCVE-0-2021-47069)

Vulnerability from cvelistv5 – Published: 2024-03-01 21:15 – Updated: 2026-05-11 13:47

Title

ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

Summary

In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry do_mq_timedreceive calls wq_sleep with a stack local address. The sender (do_mq_timedsend) uses this address to later call pipelined_send. This leads to a very hard to trigger race where a do_mq_timedreceive call might return and leave do_mq_timedsend to rely on an invalid address, causing the following crash: RIP: 0010:wake_q_add_safe+0x13/0x60 Call Trace: __x64_sys_mq_timedsend+0x2a9/0x490 do_syscall_64+0x80/0x680 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7f5928e40343 The race occurs as: 1. do_mq_timedreceive calls wq_sleep with the address of `struct ext_wait_queue` on function stack (aliased as `ewq_addr` here) - it holds a valid `struct ext_wait_queue *` as long as the stack has not been overwritten. 2. `ewq_addr` gets added to info->e_wait_q[RECV].list in wq_add, and do_mq_timedsend receives it via wq_get_first_waiter(info, RECV) to call __pipelined_op. 3. Sender calls __pipelined_op::smp_store_release(&this->state, STATE_READY). Here is where the race window begins. (`this` is `ewq_addr`.) 4. If the receiver wakes up now in do_mq_timedreceive::wq_sleep, it will see `state == STATE_READY` and break. 5. do_mq_timedreceive returns, and `ewq_addr` is no longer guaranteed to be a `struct ext_wait_queue *` since it was on do_mq_timedreceive's stack. (Although the address may not get overwritten until another function happens to touch it, which means it can persist around for an indefinite time.) 6. do_mq_timedsend::__pipelined_op() still believes `ewq_addr` is a `struct ext_wait_queue *`, and uses it to find a task_struct to pass to the wake_q_add_safe call. In the lucky case where nothing has overwritten `ewq_addr` yet, `ewq_addr->task` is the right task_struct. In the unlucky case, __pipelined_op::wake_q_add_safe gets handed a bogus address as the receiver's task_struct causing the crash. do_mq_timedsend::__pipelined_op() should not dereference `this` after setting STATE_READY, as the receiver counterpart is now free to return. Change __pipelined_op to call wake_q_add_safe on the receiver's task_struct returned by get_task_struct, instead of dereferencing `this` which sits on the receiver's stack. As Manfred pointed out, the race potentially also exists in ipc/msg.c::expunge_all and ipc/sem.c::wake_up_sem_queue_prepare. Fix those in the same way.

Severity ?

No CVSS data available.

Assigner

Linux

References

3 references

URL	Tags
https://git.kernel.org/stable/c/4528c0c323085e645…
https://git.kernel.org/stable/c/807fa14536b26803b…
https://git.kernel.org/stable/c/a11ddb37bf367e6b5…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: c5b2cbdbdac563f46ecd5e187253ab1abbd6fc04 , < 4528c0c323085e645b8765913b4a7fd42cf49b65 (git) Affected: c5b2cbdbdac563f46ecd5e187253ab1abbd6fc04 , < 807fa14536b26803b858da878b643be72952a097 (git) Affected: c5b2cbdbdac563f46ecd5e187253ab1abbd6fc04 , < a11ddb37bf367e6b5239b95ca759e5389bb46048 (git)
Linux	Linux	Affected: 5.6 Unaffected: 0 , < 5.6 (semver) Unaffected: 5.10.40 , ≤ 5.10.* (semver) Unaffected: 5.12.7 , ≤ 5.12.* (semver) Unaffected: 5.13 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47069",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-21T16:15:09.996738Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-21T16:15:20.262Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.653Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4528c0c323085e645b8765913b4a7fd42cf49b65"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/807fa14536b26803b858da878b643be72952a097"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a11ddb37bf367e6b5239b95ca759e5389bb46048"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "ipc/mqueue.c",
            "ipc/msg.c",
            "ipc/sem.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4528c0c323085e645b8765913b4a7fd42cf49b65",
              "status": "affected",
              "version": "c5b2cbdbdac563f46ecd5e187253ab1abbd6fc04",
              "versionType": "git"
            },
            {
              "lessThan": "807fa14536b26803b858da878b643be72952a097",
              "status": "affected",
              "version": "c5b2cbdbdac563f46ecd5e187253ab1abbd6fc04",
              "versionType": "git"
            },
            {
              "lessThan": "a11ddb37bf367e6b5239b95ca759e5389bb46048",
              "status": "affected",
              "version": "c5b2cbdbdac563f46ecd5e187253ab1abbd6fc04",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "ipc/mqueue.c",
            "ipc/msg.c",
            "ipc/sem.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.40",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.40",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.7",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry\n\ndo_mq_timedreceive calls wq_sleep with a stack local address.  The\nsender (do_mq_timedsend) uses this address to later call pipelined_send.\n\nThis leads to a very hard to trigger race where a do_mq_timedreceive\ncall might return and leave do_mq_timedsend to rely on an invalid\naddress, causing the following crash:\n\n  RIP: 0010:wake_q_add_safe+0x13/0x60\n  Call Trace:\n   __x64_sys_mq_timedsend+0x2a9/0x490\n   do_syscall_64+0x80/0x680\n   entry_SYSCALL_64_after_hwframe+0x44/0xa9\n  RIP: 0033:0x7f5928e40343\n\nThe race occurs as:\n\n1. do_mq_timedreceive calls wq_sleep with the address of `struct\n   ext_wait_queue` on function stack (aliased as `ewq_addr` here) - it\n   holds a valid `struct ext_wait_queue *` as long as the stack has not\n   been overwritten.\n\n2. `ewq_addr` gets added to info-\u003ee_wait_q[RECV].list in wq_add, and\n   do_mq_timedsend receives it via wq_get_first_waiter(info, RECV) to call\n   __pipelined_op.\n\n3. Sender calls __pipelined_op::smp_store_release(\u0026this-\u003estate,\n   STATE_READY).  Here is where the race window begins.  (`this` is\n   `ewq_addr`.)\n\n4. If the receiver wakes up now in do_mq_timedreceive::wq_sleep, it\n   will see `state == STATE_READY` and break.\n\n5. do_mq_timedreceive returns, and `ewq_addr` is no longer guaranteed\n   to be a `struct ext_wait_queue *` since it was on do_mq_timedreceive\u0027s\n   stack.  (Although the address may not get overwritten until another\n   function happens to touch it, which means it can persist around for an\n   indefinite time.)\n\n6. do_mq_timedsend::__pipelined_op() still believes `ewq_addr` is a\n   `struct ext_wait_queue *`, and uses it to find a task_struct to pass to\n   the wake_q_add_safe call.  In the lucky case where nothing has\n   overwritten `ewq_addr` yet, `ewq_addr-\u003etask` is the right task_struct.\n   In the unlucky case, __pipelined_op::wake_q_add_safe gets handed a\n   bogus address as the receiver\u0027s task_struct causing the crash.\n\ndo_mq_timedsend::__pipelined_op() should not dereference `this` after\nsetting STATE_READY, as the receiver counterpart is now free to return.\nChange __pipelined_op to call wake_q_add_safe on the receiver\u0027s\ntask_struct returned by get_task_struct, instead of dereferencing `this`\nwhich sits on the receiver\u0027s stack.\n\nAs Manfred pointed out, the race potentially also exists in\nipc/msg.c::expunge_all and ipc/sem.c::wake_up_sem_queue_prepare.  Fix\nthose in the same way."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:47:28.778Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4528c0c323085e645b8765913b4a7fd42cf49b65"
        },
        {
          "url": "https://git.kernel.org/stable/c/807fa14536b26803b858da878b643be72952a097"
        },
        {
          "url": "https://git.kernel.org/stable/c/a11ddb37bf367e6b5239b95ca759e5389bb46048"
        }
      ],
      "title": "ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47069",
    "datePublished": "2024-03-01T21:15:08.598Z",
    "dateReserved": "2024-02-29T22:33:44.296Z",
    "dateUpdated": "2026-05-11T13:47:28.778Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-47073 (GCVE-0-2021-47073)

Vulnerability from cvelistv5 – Published: 2024-03-01 21:15 – Updated: 2026-05-11 13:47

Title

platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios

Summary

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios init_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems where the Dell WMI interface is supported. While exit_dell_smbios_wmi() unregisters it unconditionally, this leads to the following oops: [ 175.722921] ------------[ cut here ]------------ [ 175.722925] Unexpected driver unregister! [ 175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driver_unregister+0x38/0x40 ... [ 175.723089] Call Trace: [ 175.723094] cleanup_module+0x5/0xedd [dell_smbios] ... [ 175.723148] ---[ end trace 064c34e1ad49509d ]--- Make the unregister happen on the same condition the register happens to fix this.

Severity ?

No CVSS data available.

Assigner

Linux

References

5 references

URL	Tags
https://git.kernel.org/stable/c/75cfc833da4a21111…
https://git.kernel.org/stable/c/6fa78a6b9a3beb676…
https://git.kernel.org/stable/c/0cf036a0d325200e6…
https://git.kernel.org/stable/c/8d746ea7c687bab06…
https://git.kernel.org/stable/c/3a53587423d25c87a…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 1a258e670434f404a4500b65ba1afea2c2b29bba , < 75cfc833da4a2111106d4c134e93e0c7f41e35e7 (git) Affected: 1a258e670434f404a4500b65ba1afea2c2b29bba , < 6fa78a6b9a3beb676a010dc489c1257f7e432525 (git) Affected: 1a258e670434f404a4500b65ba1afea2c2b29bba , < 0cf036a0d325200e6c27b90908e51195bbc557b1 (git) Affected: 1a258e670434f404a4500b65ba1afea2c2b29bba , < 8d746ea7c687bab060a2c05a35c449302406cd52 (git) Affected: 1a258e670434f404a4500b65ba1afea2c2b29bba , < 3a53587423d25c87af4b4126a806a0575104b45e (git)
Linux	Linux	Affected: 4.15 Unaffected: 0 , < 4.15 (semver) Unaffected: 4.19.192 , ≤ 4.19.* (semver) Unaffected: 5.4.122 , ≤ 5.4.* (semver) Unaffected: 5.10.40 , ≤ 5.10.* (semver) Unaffected: 5.12.7 , ≤ 5.12.* (semver) Unaffected: 5.13 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47073",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-05T22:11:59.293322Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:23.078Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:39.704Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/75cfc833da4a2111106d4c134e93e0c7f41e35e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6fa78a6b9a3beb676a010dc489c1257f7e432525"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0cf036a0d325200e6c27b90908e51195bbc557b1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8d746ea7c687bab060a2c05a35c449302406cd52"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3a53587423d25c87af4b4126a806a0575104b45e"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/platform/x86/dell/dell-smbios-wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "75cfc833da4a2111106d4c134e93e0c7f41e35e7",
              "status": "affected",
              "version": "1a258e670434f404a4500b65ba1afea2c2b29bba",
              "versionType": "git"
            },
            {
              "lessThan": "6fa78a6b9a3beb676a010dc489c1257f7e432525",
              "status": "affected",
              "version": "1a258e670434f404a4500b65ba1afea2c2b29bba",
              "versionType": "git"
            },
            {
              "lessThan": "0cf036a0d325200e6c27b90908e51195bbc557b1",
              "status": "affected",
              "version": "1a258e670434f404a4500b65ba1afea2c2b29bba",
              "versionType": "git"
            },
            {
              "lessThan": "8d746ea7c687bab060a2c05a35c449302406cd52",
              "status": "affected",
              "version": "1a258e670434f404a4500b65ba1afea2c2b29bba",
              "versionType": "git"
            },
            {
              "lessThan": "3a53587423d25c87af4b4126a806a0575104b45e",
              "status": "affected",
              "version": "1a258e670434f404a4500b65ba1afea2c2b29bba",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/platform/x86/dell/dell-smbios-wmi.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.15"
            },
            {
              "lessThan": "4.15",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.192",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.122",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.40",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.192",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.122",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.40",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.7",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "4.15",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios\n\ninit_dell_smbios_wmi() only registers the dell_smbios_wmi_driver on systems\nwhere the Dell WMI interface is supported. While exit_dell_smbios_wmi()\nunregisters it unconditionally, this leads to the following oops:\n\n[  175.722921] ------------[ cut here ]------------\n[  175.722925] Unexpected driver unregister!\n[  175.722939] WARNING: CPU: 1 PID: 3630 at drivers/base/driver.c:194 driver_unregister+0x38/0x40\n...\n[  175.723089] Call Trace:\n[  175.723094]  cleanup_module+0x5/0xedd [dell_smbios]\n...\n[  175.723148] ---[ end trace 064c34e1ad49509d ]---\n\nMake the unregister happen on the same condition the register happens\nto fix this."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:47:33.478Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/75cfc833da4a2111106d4c134e93e0c7f41e35e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/6fa78a6b9a3beb676a010dc489c1257f7e432525"
        },
        {
          "url": "https://git.kernel.org/stable/c/0cf036a0d325200e6c27b90908e51195bbc557b1"
        },
        {
          "url": "https://git.kernel.org/stable/c/8d746ea7c687bab060a2c05a35c449302406cd52"
        },
        {
          "url": "https://git.kernel.org/stable/c/3a53587423d25c87af4b4126a806a0575104b45e"
        }
      ],
      "title": "platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47073",
    "datePublished": "2024-03-01T21:15:11.466Z",
    "dateReserved": "2024-02-29T22:33:44.297Z",
    "dateUpdated": "2026-05-11T13:47:33.478Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-47236 (GCVE-0-2021-47236)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:19 – Updated: 2026-05-11 13:50

Title

net: cdc_eem: fix tx fixup skb leak

Summary

In the Linux kernel, the following vulnerability has been resolved: net: cdc_eem: fix tx fixup skb leak when usbnet transmit a skb, eem fixup it in eem_tx_fixup(), if skb_copy_expand() failed, it return NULL, usbnet_start_xmit() will have no chance to free original skb. fix it by free orginal skb in eem_tx_fixup() first, then check skb clone status, if failed, return NULL to usbnet.

Severity ?

No CVSS data available.

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/f12554b0ff639e746…
https://git.kernel.org/stable/c/14184ec5c958b589b…
https://git.kernel.org/stable/c/1bcacd6088d61c0ac…
https://git.kernel.org/stable/c/f4e6a7f19c82f39b1…
https://git.kernel.org/stable/c/81de2ed06df8b5451…
https://git.kernel.org/stable/c/05b2b9f7d24b5663d…
https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4…
https://git.kernel.org/stable/c/c3b26fdf1b32f91c7…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < f12554b0ff639e74612cc01b3b4a049e098d2d65 (git) Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < 14184ec5c958b589ba934da7363a2877879204df (git) Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < 1bcacd6088d61c0ac6a990d87975600a81f3247e (git) Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < f4e6a7f19c82f39b1803e91c54718f0d7143767d (git) Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < 81de2ed06df8b5451e050fe6a318af3263dbff3f (git) Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < 05b2b9f7d24b5663d9b47427fe1555bdafd3ea02 (git) Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88 (git) Affected: 9f722c0978b04acba209f8ca1896ad05814bc3a3 , < c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7 (git)
Linux	Linux	Affected: 2.6.30 Unaffected: 0 , < 2.6.30 (semver) Unaffected: 4.4.274 , ≤ 4.4.* (semver) Unaffected: 4.9.274 , ≤ 4.9.* (semver) Unaffected: 4.14.238 , ≤ 4.14.* (semver) Unaffected: 4.19.196 , ≤ 4.19.* (semver) Unaffected: 5.4.128 , ≤ 5.4.* (semver) Unaffected: 5.10.46 , ≤ 5.10.* (semver) Unaffected: 5.12.13 , ≤ 5.12.* (semver) Unaffected: 5.13 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47236",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:38:01.951930Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:39:57.883Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:07.941Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/cdc_eem.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "f12554b0ff639e74612cc01b3b4a049e098d2d65",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            },
            {
              "lessThan": "14184ec5c958b589ba934da7363a2877879204df",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            },
            {
              "lessThan": "1bcacd6088d61c0ac6a990d87975600a81f3247e",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            },
            {
              "lessThan": "f4e6a7f19c82f39b1803e91c54718f0d7143767d",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            },
            {
              "lessThan": "81de2ed06df8b5451e050fe6a318af3263dbff3f",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            },
            {
              "lessThan": "05b2b9f7d24b5663d9b47427fe1555bdafd3ea02",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            },
            {
              "lessThan": "b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            },
            {
              "lessThan": "c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7",
              "status": "affected",
              "version": "9f722c0978b04acba209f8ca1896ad05814bc3a3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/usb/cdc_eem.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.30"
            },
            {
              "lessThan": "2.6.30",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.274",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.274",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.238",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.196",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.128",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.274",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.274",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.238",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.196",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.128",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.46",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.13",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "2.6.30",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: cdc_eem: fix tx fixup skb leak\n\nwhen usbnet transmit a skb, eem fixup it in eem_tx_fixup(),\nif skb_copy_expand() failed, it return NULL,\nusbnet_start_xmit() will have no chance to free original skb.\n\nfix it by free orginal skb in eem_tx_fixup() first,\nthen check skb clone status, if failed, return NULL to usbnet."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:50:35.712Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/f12554b0ff639e74612cc01b3b4a049e098d2d65"
        },
        {
          "url": "https://git.kernel.org/stable/c/14184ec5c958b589ba934da7363a2877879204df"
        },
        {
          "url": "https://git.kernel.org/stable/c/1bcacd6088d61c0ac6a990d87975600a81f3247e"
        },
        {
          "url": "https://git.kernel.org/stable/c/f4e6a7f19c82f39b1803e91c54718f0d7143767d"
        },
        {
          "url": "https://git.kernel.org/stable/c/81de2ed06df8b5451e050fe6a318af3263dbff3f"
        },
        {
          "url": "https://git.kernel.org/stable/c/05b2b9f7d24b5663d9b47427fe1555bdafd3ea02"
        },
        {
          "url": "https://git.kernel.org/stable/c/b4f7a9fc9d094c0c4a66f2ad7c37b1dbe9e78f88"
        },
        {
          "url": "https://git.kernel.org/stable/c/c3b26fdf1b32f91c7a3bc743384b4a298ab53ad7"
        }
      ],
      "title": "net: cdc_eem: fix tx fixup skb leak",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47236",
    "datePublished": "2024-05-21T14:19:37.724Z",
    "dateReserved": "2024-04-10T18:59:19.531Z",
    "dateUpdated": "2026-05-11T13:50:35.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-47310 (GCVE-0-2021-47310)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2026-05-11 13:52

Title

net: ti: fix UAF in tlan_remove_one

Summary

In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it cannot be used after free_netdev() call. Using priv after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function.

Severity ?

No CVSS data available.

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/a18a8d9cfbb112ad7…
https://git.kernel.org/stable/c/c263ae8c7e4c48238…
https://git.kernel.org/stable/c/0538b0ab7d2c396e3…
https://git.kernel.org/stable/c/a0a817b2d308fac09…
https://git.kernel.org/stable/c/b7e5563f2a7862a9e…
https://git.kernel.org/stable/c/f2a062fcfe1d6f1b0…
https://git.kernel.org/stable/c/93efab0ef2a607fff…
https://git.kernel.org/stable/c/0336f8ffece62f882…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < a18a8d9cfbb112ad72e625372849adc3986fd6bf (git) Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < c263ae8c7e4c482387de5e6c89e213f8173fe8b6 (git) Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < 0538b0ab7d2c396e385694228c7cdcd2d2c514e9 (git) Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < a0a817b2d308fac090a05cbbe80988e073ac5193 (git) Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < b7e5563f2a7862a9e4796abb9908b092f677e3c1 (git) Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < f2a062fcfe1d6f1b0a86fa76ae21c277d65f4405 (git) Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < 93efab0ef2a607fff9166d447c4035f98b5db342 (git) Affected: 1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa , < 0336f8ffece62f882ab3012820965a786a983f70 (git)
Linux	Linux	Affected: 3.10 Unaffected: 0 , < 3.10 (semver) Unaffected: 4.4.277 , ≤ 4.4.* (semver) Unaffected: 4.9.277 , ≤ 4.9.* (semver) Unaffected: 4.14.241 , ≤ 4.14.* (semver) Unaffected: 4.19.199 , ≤ 4.19.* (semver) Unaffected: 5.4.135 , ≤ 5.4.* (semver) Unaffected: 5.10.53 , ≤ 5.10.* (semver) Unaffected: 5.13.5 , ≤ 5.13.* (semver) Unaffected: 5.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47310",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-21T15:35:38.649783Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:17.488Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.440Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a18a8d9cfbb112ad72e625372849adc3986fd6bf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c263ae8c7e4c482387de5e6c89e213f8173fe8b6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0538b0ab7d2c396e385694228c7cdcd2d2c514e9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a0a817b2d308fac090a05cbbe80988e073ac5193"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b7e5563f2a7862a9e4796abb9908b092f677e3c1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f2a062fcfe1d6f1b0a86fa76ae21c277d65f4405"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/93efab0ef2a607fff9166d447c4035f98b5db342"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/0336f8ffece62f882ab3012820965a786a983f70"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/ti/tlan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "a18a8d9cfbb112ad72e625372849adc3986fd6bf",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            },
            {
              "lessThan": "c263ae8c7e4c482387de5e6c89e213f8173fe8b6",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            },
            {
              "lessThan": "0538b0ab7d2c396e385694228c7cdcd2d2c514e9",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            },
            {
              "lessThan": "a0a817b2d308fac090a05cbbe80988e073ac5193",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            },
            {
              "lessThan": "b7e5563f2a7862a9e4796abb9908b092f677e3c1",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            },
            {
              "lessThan": "f2a062fcfe1d6f1b0a86fa76ae21c277d65f4405",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            },
            {
              "lessThan": "93efab0ef2a607fff9166d447c4035f98b5db342",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            },
            {
              "lessThan": "0336f8ffece62f882ab3012820965a786a983f70",
              "status": "affected",
              "version": "1e0a8b13d35510e711fdf72e9a3e30bcb2bd49fa",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/ti/tlan.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "3.10"
            },
            {
              "lessThan": "3.10",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.277",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.277",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.199",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.277",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.277",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.241",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.199",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.135",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.53",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13.5",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14",
                  "versionStartIncluding": "3.10",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ti: fix UAF in tlan_remove_one\n\npriv is netdev private data and it cannot be\nused after free_netdev() call. Using priv after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:52:00.968Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/a18a8d9cfbb112ad72e625372849adc3986fd6bf"
        },
        {
          "url": "https://git.kernel.org/stable/c/c263ae8c7e4c482387de5e6c89e213f8173fe8b6"
        },
        {
          "url": "https://git.kernel.org/stable/c/0538b0ab7d2c396e385694228c7cdcd2d2c514e9"
        },
        {
          "url": "https://git.kernel.org/stable/c/a0a817b2d308fac090a05cbbe80988e073ac5193"
        },
        {
          "url": "https://git.kernel.org/stable/c/b7e5563f2a7862a9e4796abb9908b092f677e3c1"
        },
        {
          "url": "https://git.kernel.org/stable/c/f2a062fcfe1d6f1b0a86fa76ae21c277d65f4405"
        },
        {
          "url": "https://git.kernel.org/stable/c/93efab0ef2a607fff9166d447c4035f98b5db342"
        },
        {
          "url": "https://git.kernel.org/stable/c/0336f8ffece62f882ab3012820965a786a983f70"
        }
      ],
      "title": "net: ti: fix UAF in tlan_remove_one",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47310",
    "datePublished": "2024-05-21T14:35:28.649Z",
    "dateReserved": "2024-05-21T14:28:16.972Z",
    "dateUpdated": "2026-05-11T13:52:00.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-47311 (GCVE-0-2021-47311)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2026-05-11 13:52

Title

net: qcom/emac: fix UAF in emac_remove

Summary

In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and it cannot be used after free_netdev() call. Using adpt after free_netdev() can cause UAF bug. Fix it by moving free_netdev() at the end of the function.

Severity ?

No CVSS data available.

Assigner

Linux

References

7 references

URL	Tags
https://git.kernel.org/stable/c/4d04a42b926e68214…
https://git.kernel.org/stable/c/b1e091331920f8fbf…
https://git.kernel.org/stable/c/11e9d163d631198bb…
https://git.kernel.org/stable/c/2b70ca92847c619d6…
https://git.kernel.org/stable/c/b560521eca03d0a2d…
https://git.kernel.org/stable/c/8a225a6e07a57a153…
https://git.kernel.org/stable/c/ad297cd2db8953e22…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 54e19bc74f3380d414681762ceed9f7245bc6a6e , < 4d04a42b926e682140776e54188f4a44f1f01a81 (git) Affected: 54e19bc74f3380d414681762ceed9f7245bc6a6e , < b1e091331920f8fbfc747dcbd16263fcd71abb2d (git) Affected: 54e19bc74f3380d414681762ceed9f7245bc6a6e , < 11e9d163d631198bb3eb41a677a61b499516c0f7 (git) Affected: 54e19bc74f3380d414681762ceed9f7245bc6a6e , < 2b70ca92847c619d6264c7372ef74fcbfd1e048c (git) Affected: 54e19bc74f3380d414681762ceed9f7245bc6a6e , < b560521eca03d0a2db6093a5a632cbdd0a0cf833 (git) Affected: 54e19bc74f3380d414681762ceed9f7245bc6a6e , < 8a225a6e07a57a1538d53637cb3d82bd3e477839 (git) Affected: 54e19bc74f3380d414681762ceed9f7245bc6a6e , < ad297cd2db8953e2202970e9504cab247b6c7cb4 (git)
Linux	Linux	Affected: 4.9 Unaffected: 0 , < 4.9 (semver) Unaffected: 4.9.277 , ≤ 4.9.* (semver) Unaffected: 4.14.241 , ≤ 4.14.* (semver) Unaffected: 4.19.199 , ≤ 4.19.* (semver) Unaffected: 5.4.135 , ≤ 5.4.* (semver) Unaffected: 5.10.53 , ≤ 5.10.* (semver) Unaffected: 5.13.5 , ≤ 5.13.* (semver) Unaffected: 5.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4d04a42b926e682140776e54188f4a44f1f01a81"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b1e091331920f8fbfc747dcbd16263fcd71abb2d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/11e9d163d631198bb3eb41a677a61b499516c0f7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2b70ca92847c619d6264c7372ef74fcbfd1e048c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b560521eca03d0a2db6093a5a632cbdd0a0cf833"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8a225a6e07a57a1538d53637cb3d82bd3e477839"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ad297cd2db8953e2202970e9504cab247b6c7cb4"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47311",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-19T18:50:38.591727Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-19T18:50:45.314Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/qualcomm/emac/emac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4d04a42b926e682140776e54188f4a44f1f01a81",
              "status": "affected",
              "version": "54e19bc74f3380d414681762ceed9f7245bc6a6e",
              "versionType": "git"
            },
            {
              "lessThan": "b1e091331920f8fbfc747dcbd16263fcd71abb2d",
              "status": "affected",
              "version": "54e19bc74f3380d414681762ceed9f7245bc6a6e",
              "versionType": "git"
            },
            {
              "lessThan": "11e9d163d631198bb3eb41a677a61b499516c0f7",
              "status": "affected",
              "version": "54e19bc74f3380d414681762ceed9f7245bc6a6e",
              "versionType": "git"
            },
            {
              "lessThan": "2b70ca92847c619d6264c7372ef74fcbfd1e048c",
              "status": "affected",
              "version": "54e19bc74f3380d414681762ceed9f7245bc6a6e",
              "versionType": "git"
            },
            {
              "lessThan": "b560521eca03d0a2db6093a5a632cbdd0a0cf833",
              "status": "affected",
              "version": "54e19bc74f3380d414681762ceed9f7245bc6a6e",
              "versionType": "git"
            },
            {
              "lessThan": "8a225a6e07a57a1538d53637cb3d82bd3e477839",
              "status": "affected",
              "version": "54e19bc74f3380d414681762ceed9f7245bc6a6e",
              "versionType": "git"
            },
            {
              "lessThan": "ad297cd2db8953e2202970e9504cab247b6c7cb4",
              "status": "affected",
              "version": "54e19bc74f3380d414681762ceed9f7245bc6a6e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/net/ethernet/qualcomm/emac/emac.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.9"
            },
            {
              "lessThan": "4.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.277",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.241",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.199",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.135",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.277",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.241",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.199",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.135",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.53",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13.5",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qcom/emac: fix UAF in emac_remove\n\nadpt is netdev private data and it cannot be\nused after free_netdev() call. Using adpt after free_netdev()\ncan cause UAF bug. Fix it by moving free_netdev() at the end of the\nfunction."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:52:02.532Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4d04a42b926e682140776e54188f4a44f1f01a81"
        },
        {
          "url": "https://git.kernel.org/stable/c/b1e091331920f8fbfc747dcbd16263fcd71abb2d"
        },
        {
          "url": "https://git.kernel.org/stable/c/11e9d163d631198bb3eb41a677a61b499516c0f7"
        },
        {
          "url": "https://git.kernel.org/stable/c/2b70ca92847c619d6264c7372ef74fcbfd1e048c"
        },
        {
          "url": "https://git.kernel.org/stable/c/b560521eca03d0a2db6093a5a632cbdd0a0cf833"
        },
        {
          "url": "https://git.kernel.org/stable/c/8a225a6e07a57a1538d53637cb3d82bd3e477839"
        },
        {
          "url": "https://git.kernel.org/stable/c/ad297cd2db8953e2202970e9504cab247b6c7cb4"
        }
      ],
      "title": "net: qcom/emac: fix UAF in emac_remove",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47311",
    "datePublished": "2024-05-21T14:35:29.304Z",
    "dateReserved": "2024-05-21T14:28:16.973Z",
    "dateUpdated": "2026-05-11T13:52:02.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-47353 (GCVE-0-2021-47353)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2026-05-11 13:53

Title

udf: Fix NULL pointer dereference in udf_symlink function

Summary

In the Linux kernel, the following vulnerability has been resolved: udf: Fix NULL pointer dereference in udf_symlink function In function udf_symlink, epos.bh is assigned with the value returned by udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c and returns the value of sb_getblk function that could be NULL. Then, epos.bh is used without any check, causing a possible NULL pointer dereference when sb_getblk fails. This fix adds a check to validate the value of epos.bh.

Severity ?

No CVSS data available.

Assigner

Linux

References

9 references

URL	Tags
https://git.kernel.org/stable/c/2f3d9ddd32a28803b…
https://git.kernel.org/stable/c/371566f63cbd0bb6f…
https://git.kernel.org/stable/c/baea588a42d675e35…
https://git.kernel.org/stable/c/3638705ecd5ad2785…
https://git.kernel.org/stable/c/80d505aee6398cf8b…
https://git.kernel.org/stable/c/21bf1414580c36ffc…
https://git.kernel.org/stable/c/aebed6b19e51a3400…
https://git.kernel.org/stable/c/5150877e4d99f8505…
https://git.kernel.org/stable/c/fa236c2b2d4436d9f…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 2f3d9ddd32a28803baa547e6274983b67d5e287c (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 371566f63cbd0bb6fbb25b8fe9d5798268d35af9 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < baea588a42d675e35daeaddd10fbc9700550bc4d (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 3638705ecd5ad2785e996f820121c0ad15ce64b5 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 80d505aee6398cf8beb72475c7edcf1733c1c68b (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 21bf1414580c36ffc8d8de043beb3508cf812238 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < aebed6b19e51a34003d998da5ebb1dfdd2cb1d02 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < 5150877e4d99f85057a458daac7cd7c01005d5c6 (git) Affected: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 , < fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43 (git)
Linux	Linux	Affected: 2.6.12 Unaffected: 0 , < 2.6.12 (semver) Unaffected: 4.4.276 , ≤ 4.4.* (semver) Unaffected: 4.9.276 , ≤ 4.9.* (semver) Unaffected: 4.14.240 , ≤ 4.14.* (semver) Unaffected: 4.19.198 , ≤ 4.19.* (semver) Unaffected: 5.4.133 , ≤ 5.4.* (semver) Unaffected: 5.10.51 , ≤ 5.10.* (semver) Unaffected: 5.12.18 , ≤ 5.12.* (semver) Unaffected: 5.13.3 , ≤ 5.13.* (semver) Unaffected: 5.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-47353",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T19:03:03.353127Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:14:54.819Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.447Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "fs/udf/namei.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "2f3d9ddd32a28803baa547e6274983b67d5e287c",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "371566f63cbd0bb6fbb25b8fe9d5798268d35af9",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "baea588a42d675e35daeaddd10fbc9700550bc4d",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "3638705ecd5ad2785e996f820121c0ad15ce64b5",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "80d505aee6398cf8beb72475c7edcf1733c1c68b",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "21bf1414580c36ffc8d8de043beb3508cf812238",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "aebed6b19e51a34003d998da5ebb1dfdd2cb1d02",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "5150877e4d99f85057a458daac7cd7c01005d5c6",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            },
            {
              "lessThan": "fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43",
              "status": "affected",
              "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "fs/udf/namei.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.12"
            },
            {
              "lessThan": "2.6.12",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.276",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.276",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.240",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.133",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.51",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.276",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.276",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.240",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.198",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.133",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.51",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.18",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13.3",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14",
                  "versionStartIncluding": "2.6.12",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nudf: Fix NULL pointer dereference in udf_symlink function\n\nIn function udf_symlink, epos.bh is assigned with the value returned\nby udf_tgetblk. The function udf_tgetblk is defined in udf/misc.c\nand returns the value of sb_getblk function that could be NULL.\nThen, epos.bh is used without any check, causing a possible\nNULL pointer dereference when sb_getblk fails.\n\nThis fix adds a check to validate the value of epos.bh."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:53:03.838Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/2f3d9ddd32a28803baa547e6274983b67d5e287c"
        },
        {
          "url": "https://git.kernel.org/stable/c/371566f63cbd0bb6fbb25b8fe9d5798268d35af9"
        },
        {
          "url": "https://git.kernel.org/stable/c/baea588a42d675e35daeaddd10fbc9700550bc4d"
        },
        {
          "url": "https://git.kernel.org/stable/c/3638705ecd5ad2785e996f820121c0ad15ce64b5"
        },
        {
          "url": "https://git.kernel.org/stable/c/80d505aee6398cf8beb72475c7edcf1733c1c68b"
        },
        {
          "url": "https://git.kernel.org/stable/c/21bf1414580c36ffc8d8de043beb3508cf812238"
        },
        {
          "url": "https://git.kernel.org/stable/c/aebed6b19e51a34003d998da5ebb1dfdd2cb1d02"
        },
        {
          "url": "https://git.kernel.org/stable/c/5150877e4d99f85057a458daac7cd7c01005d5c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/fa236c2b2d4436d9f19ee4e5d5924e90ffd7bb43"
        }
      ],
      "title": "udf: Fix NULL pointer dereference in udf_symlink function",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47353",
    "datePublished": "2024-05-21T14:35:57.122Z",
    "dateReserved": "2024-05-21T14:28:16.986Z",
    "dateUpdated": "2026-05-11T13:53:03.838Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2021-47356 (GCVE-0-2021-47356)

Vulnerability from cvelistv5 – Published: 2024-05-21 14:35 – Updated: 2026-05-11 13:53

Title

mISDN: fix possible use-after-free in HFC_cleanup()

Summary

In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible use-after-free in HFC_cleanup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.

Severity ?

7.7 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

CWE

CWE-416 - Use After Free

Assigner

Linux

References

9 references

URL	Tags
https://git.kernel.org/stable/c/49331c07ef0f8fdfa…
https://git.kernel.org/stable/c/54ff3202928952a10…
https://git.kernel.org/stable/c/7867ddc5f3de7f289…
https://git.kernel.org/stable/c/5f2818185da0fe82a…
https://git.kernel.org/stable/c/3ecd228c636ee17c1…
https://git.kernel.org/stable/c/b7ee9ae1e0cf55a03…
https://git.kernel.org/stable/c/61370ff07e0acc657…
https://git.kernel.org/stable/c/ed7c3739d0a07e2ec…
https://git.kernel.org/stable/c/009fc857c5f6fda81…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < 49331c07ef0f8fdfa42b30ba6a83a657b29d7fbe (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < 54ff3202928952a100c477248e65ac6db01258a7 (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < 7867ddc5f3de7f289aee63233afc0df4b62834c5 (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < 5f2818185da0fe82a932f0856633038b66faf124 (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < 3ecd228c636ee17c14662729737fa07242a93cb0 (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < b7ee9ae1e0cf55a037c4a99af2acc5d78cb7802d (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < 61370ff07e0acc657559a8fac02551dfeb9d3020 (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < ed7c3739d0a07e2ec3ccbffe7e93cea01c438cda (git) Affected: 87c5fa1bb42624254a2013cbbc3b170d6017f5d6 , < 009fc857c5f6fda81f2f7dd851b2d54193a8e733 (git)
Linux	Linux	Affected: 2.6.29 Unaffected: 0 , < 2.6.29 (semver) Unaffected: 4.4.276 , ≤ 4.4.* (semver) Unaffected: 4.9.276 , ≤ 4.9.* (semver) Unaffected: 4.14.240 , ≤ 4.14.* (semver) Unaffected: 4.19.198 , ≤ 4.19.* (semver) Unaffected: 5.4.133 , ≤ 5.4.* (semver) Unaffected: 5.10.51 , ≤ 5.10.* (semver) Unaffected: 5.12.18 , ≤ 5.12.* (semver) Unaffected: 5.13.3 , ≤ 5.13.* (semver) Unaffected: 5.14 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "49331c07ef0f",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "54ff32029289",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "7867ddc5f3de",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "5f2818185da0",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "3ecd228c636e",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "b7ee9ae1e0cf",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "61370ff07e0a",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "ed7c3739d0a0",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "009fc857c5f6",
                "status": "affected",
                "version": "1da177e4c3f4",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "4.4.*",
                "status": "unaffected",
                "version": "4.4.276",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "4.9.*",
                "status": "unaffected",
                "version": "4.9.276",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "4.14.*",
                "status": "unaffected",
                "version": "4.14.240",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "4.19.*",
                "status": "unaffected",
                "version": "4.19.198",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.4.*",
                "status": "unaffected",
                "version": "5.4.133",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.10.*",
                "status": "unaffected",
                "version": "5.10.51",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.12.*",
                "status": "unaffected",
                "version": "5.12.18",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThanOrEqual": "5.13.*",
                "status": "unaffected",
                "version": "5.13.3",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "status": "unaffected",
                "version": "5.14"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.7,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-47356",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T21:04:48.759363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:05:18.885Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:32:08.504Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/49331c07ef0f8fdfa42b30ba6a83a657b29d7fbe"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/54ff3202928952a100c477248e65ac6db01258a7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/7867ddc5f3de7f289aee63233afc0df4b62834c5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/5f2818185da0fe82a932f0856633038b66faf124"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3ecd228c636ee17c14662729737fa07242a93cb0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/b7ee9ae1e0cf55a037c4a99af2acc5d78cb7802d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/61370ff07e0acc657559a8fac02551dfeb9d3020"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ed7c3739d0a07e2ec3ccbffe7e93cea01c438cda"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/009fc857c5f6fda81f2f7dd851b2d54193a8e733"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/isdn/hardware/mISDN/hfcpci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "49331c07ef0f8fdfa42b30ba6a83a657b29d7fbe",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "54ff3202928952a100c477248e65ac6db01258a7",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "7867ddc5f3de7f289aee63233afc0df4b62834c5",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "5f2818185da0fe82a932f0856633038b66faf124",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "3ecd228c636ee17c14662729737fa07242a93cb0",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "b7ee9ae1e0cf55a037c4a99af2acc5d78cb7802d",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "61370ff07e0acc657559a8fac02551dfeb9d3020",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "ed7c3739d0a07e2ec3ccbffe7e93cea01c438cda",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            },
            {
              "lessThan": "009fc857c5f6fda81f2f7dd851b2d54193a8e733",
              "status": "affected",
              "version": "87c5fa1bb42624254a2013cbbc3b170d6017f5d6",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/isdn/hardware/mISDN/hfcpci.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.29"
            },
            {
              "lessThan": "2.6.29",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.4.*",
              "status": "unaffected",
              "version": "4.4.276",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.9.*",
              "status": "unaffected",
              "version": "4.9.276",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.240",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.133",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.51",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.13.*",
              "status": "unaffected",
              "version": "5.13.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.14",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.4.276",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.9.276",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.240",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.198",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.133",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.51",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.18",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13.3",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.14",
                  "versionStartIncluding": "2.6.29",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible use-after-free in HFC_cleanup()\n\nThis module\u0027s remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver\u0027s remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:53:07.476Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/49331c07ef0f8fdfa42b30ba6a83a657b29d7fbe"
        },
        {
          "url": "https://git.kernel.org/stable/c/54ff3202928952a100c477248e65ac6db01258a7"
        },
        {
          "url": "https://git.kernel.org/stable/c/7867ddc5f3de7f289aee63233afc0df4b62834c5"
        },
        {
          "url": "https://git.kernel.org/stable/c/5f2818185da0fe82a932f0856633038b66faf124"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ecd228c636ee17c14662729737fa07242a93cb0"
        },
        {
          "url": "https://git.kernel.org/stable/c/b7ee9ae1e0cf55a037c4a99af2acc5d78cb7802d"
        },
        {
          "url": "https://git.kernel.org/stable/c/61370ff07e0acc657559a8fac02551dfeb9d3020"
        },
        {
          "url": "https://git.kernel.org/stable/c/ed7c3739d0a07e2ec3ccbffe7e93cea01c438cda"
        },
        {
          "url": "https://git.kernel.org/stable/c/009fc857c5f6fda81f2f7dd851b2d54193a8e733"
        }
      ],
      "title": "mISDN: fix possible use-after-free in HFC_cleanup()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-47356",
    "datePublished": "2024-05-21T14:35:59.097Z",
    "dateReserved": "2024-05-21T14:28:16.987Z",
    "dateUpdated": "2026-05-11T13:53:07.476Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

alsa-2024:4352

Vulnerability from osv_almalinux

CVE-2020-26555 (GCVE-0-2020-26555)

CVE-2021-46909 (GCVE-0-2021-46909)

CVE-2021-46972 (GCVE-0-2021-46972)

CVE-2021-47069 (GCVE-0-2021-47069)

CVE-2021-47073 (GCVE-0-2021-47073)

CVE-2021-47236 (GCVE-0-2021-47236)

CVE-2021-47310 (GCVE-0-2021-47310)

CVE-2021-47311 (GCVE-0-2021-47311)

CVE-2021-47353 (GCVE-0-2021-47353)

CVE-2021-47356 (GCVE-0-2021-47356)

Tags

Sightings

Nomenclature