Lucene search

K

GoogleOSV:CVE-2021-47521

HistoryMay 24, 2024 - 3:15 p.m.

CVE-2021-47521

2024-05-2415:15:00

Google

osv.dev

5

linux kernel

cve-2021-47521

use after free

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then “dev” is freed. Fortunately, we can just use “pdev->irq” instead. Also we should check if at least one channel was set up.

References

git.kernel.org/linus/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45

git.kernel.org/stable/c/1a295fea90e1acbe80c6d4940f5ff856edcd6bec

git.kernel.org/stable/c/1dd5b819f7e406dc15bbc7670596ff25261aaa2a

git.kernel.org/stable/c/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45

git.kernel.org/stable/c/474f9a8534f5f89841240a7e978bafd6e1e039ce

git.kernel.org/stable/c/923f4dc5df679f678e121c20bf2fd70f7bf3e288

git.kernel.org/stable/c/c8718026ba287168ff9ad0ccc4f9a413062cba36

git.kernel.org/stable/c/cbd86110546f7f730a1f5d7de56c944a336c15c4

git.kernel.org/stable/c/ccf070183e4655824936c0f96c4a2bcca93419aa

ubuntu.com/security/CVE-2021-47521

www.cve.org/CVERecord?id=CVE-2021-47521

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.8

Confidence

Low

Related for OSV:CVE-2021-47521

ubuntucve1 redhatcve1 cvelist1 vulnrichment1 debiancve1 nvd1 cve1 redos1 openvas3 osv8 nessus6