Lucene search

K
cvelistLinuxCVELIST:CVE-2021-47525
HistoryMay 24, 2024 - 3:09 p.m.

CVE-2021-47525 serial: liteuart: fix use-after-free and memleak on unbind

2024-05-2415:09:37
Linux
www.cve.org
cve-2021-47525
liteuart
use-after-free
memleak
unbind
driver

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%

In the Linux kernel, the following vulnerability has been resolved:

serial: liteuart: fix use-after-free and memleak on unbind

Deregister the port when unbinding the driver to prevent it from being
used after releasing the driver data and leaking memory allocated by
serial core.

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/tty/serial/liteuart.c"
    ],
    "versions": [
      {
        "version": "1da81e5562fa",
        "lessThan": "602824cf9aa9",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1da81e5562fa",
        "lessThan": "05f929b395de",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/tty/serial/liteuart.c"
    ],
    "versions": [
      {
        "version": "5.11",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.11",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.7",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.16",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.0%