Lucene search

416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2021-46932

HistoryFeb 27, 2024 - 10:15 a.m.

CVE-2021-46932

2024-02-2710:15:07

CWE-665

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

412

cve

linux kernel

vulnerability

appletouch

initialization

device registration

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:

Input: appletouch - initialize work before device registration

Syzbot has reported warning in __flush_work(). This warning is caused by
work->func == NULL, which means missing work initialization.

This may happen, since input_dev->close() calls
cancel_work_sync(&dev->work), but dev->work initalization happens after
input_register_device() call.

So this patch moves dev->work initialization before registering input
device

Affected configurations

Vulners

NVD

Node

linuxlinux_kernelRange2.6.23–4.4.298

linuxlinux_kernelRange4.5.0–4.9.296

linuxlinux_kernelRange4.10.0–4.14.261

linuxlinux_kernelRange4.15.0–4.19.224

linuxlinux_kernelRange4.20.0–5.4.170

linuxlinux_kernelRange5.5.0–5.10.90

linuxlinux_kernelRange5.11.0–5.15.13

linuxlinux_kernelRange5.16.0≥

VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/input/mouse/appletouch.c"
    ],
    "versions": [
      {
        "version": "5a6eb676d3bc",
        "lessThan": "d2cb2bf39a6d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5a6eb676d3bc",
        "lessThan": "d1962f263a17",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5a6eb676d3bc",
        "lessThan": "292d2ac61fb0",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5a6eb676d3bc",
        "lessThan": "a02e1404e278",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5a6eb676d3bc",
        "lessThan": "975774ea7528",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5a6eb676d3bc",
        "lessThan": "9f329d0d6c91",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5a6eb676d3bc",
        "lessThan": "e79ff8c68acb",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5a6eb676d3bc",
        "lessThan": "9f3ccdc3f6ef",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/input/mouse/appletouch.c"
    ],
    "versions": [
      {
        "version": "2.6.23",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "2.6.23",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.4.298",
        "lessThanOrEqual": "4.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.9.296",
        "lessThanOrEqual": "4.9.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.14.261",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "4.19.224",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.4.170",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.10.90",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.13",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.16",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]