Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-47357HistoryMay 21, 2024 - 3:15 p.m.
CVE-2021-47357
2024-05-2115:15:22
Debian Security Bug Tracker
security-tracker.debian.org
3
linux kernel
use-after-free
atm module
vulnerability
fix
cve-2021-47357
timer handler
In the Linux kernel, the following vulnerability has been resolved: atm: iphase: fix possible use-after-free in ia_module_exit() This module’s remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver’s remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 11 | all | linux | < 5.10.70-1 | linux_5.10.70-1_all.deb |
| Debian | 999 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
| Debian | 13 | all | linux | < 5.14.6-1 | linux_5.14.6-1_all.deb |
Related
redhatcve
redhatcve
CVE-2021-47357
2024-05-22 11:04:46
cvelist
cvelist
CVE-2021-47357 atm: iphase: fix possible use-after-free in ia_module_exit()
2024-05-21 14:35:59
nvd
nvd
CVE-2021-47357
2024-05-21 15:15:22
cve
cve
CVE-2021-47357
2024-05-21 15:15:22
ubuntucve
ubuntucve
CVE-2021-47357
2024-05-21 00:00:00
nessus
nessus
SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2024:2184-1)
2024-06-25 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)
2024-06-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00