CVE-2021-47500

Severity CVSS v4.0:
Pending analysis
Type:
CWE-416 Use After Free
Publication date:
24/05/2024
Last modified:
06/01/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iio: mma8452: Fix trigger reference couting<br /> <br /> The mma8452 driver directly assigns a trigger to the struct iio_dev. The<br /> IIO core when done using this trigger will call `iio_trigger_put()` to drop<br /> the reference count by 1.<br /> <br /> Without the matching `iio_trigger_get()` in the driver the reference count<br /> can reach 0 too early, the trigger gets freed while still in use and a<br /> use-after-free occurs.<br /> <br /> Fix this by getting a reference to the trigger before assigning it to the<br /> IIO device.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.2 (including) 4.4.295 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.5 (including) 4.9.293 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.10 (including) 4.14.258 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.15 (including) 4.19.221 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 4.20 (including) 5.4.165 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.5 (including) 5.10.85 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 (including) 5.15.8 (excluding)
cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*