Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2021-46966

HistoryFeb 27, 2024 - 7:04 p.m.

CVE-2021-46966

2024-02-2719:04:07

Debian Security Bug Tracker

security-tracker.debian.org

linux kernel

vulnerability

resolved

acpi

custom_method

use-after-free

cm_write

function

AI Score

7.3

Confidence

High

EPSS

Percentile

13.0%

JSON

In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write(), buf is always freed when reaching the end of the function. If the requested count is less than table.length, the allocated buffer will be freed but subsequent calls to cm_write() will still try to access it. Remove the unconditional kfree(buf) at the end of the function and set the buf to NULL in the -EINVAL error path to match the rest of function.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 5.10.38-1linux_5.10.38-1_all.deb
Debian11alllinux< 5.10.38-1linux_5.10.38-1_all.deb
Debian999alllinux< 5.10.38-1linux_5.10.38-1_all.deb
Debian13alllinux< 5.10.38-1linux_5.10.38-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 5.10.38-1	linux_5.10.38-1_all.deb
Debian	11	all	linux	< 5.10.38-1	linux_5.10.38-1_all.deb
Debian	999	all	linux	< 5.10.38-1	linux_5.10.38-1_all.deb
Debian	13	all	linux	< 5.10.38-1	linux_5.10.38-1_all.deb