Lucene search
Redhat.comRH:CVE-2021-47239HistoryMay 23, 2024 - 2:02 p.m.
CVE-2021-47239
2024-05-2314:02:18
redhat.com
access.redhat.com
2
linux kernel
vulnerability
cve-2021-47239
usb
use-after-free
memory leak
work scheduled
patch
cancel_work_sync
dangling pointer
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 (“net: usb: fix memory leak in smsc75xx_bind”) fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, which leads to use-after-free if the work is scheduled to start after the deallocation. In addition, this patch also removes a dangling pointer - dev->data[0]. This patch calls cancel_work_sync to cancel the scheduled work and set the dangling pointer to NULL.
Related
cvelist
cvelist
CVE-2021-47239 net: usb: fix possible use-after-free in smsc75xx_bind
2024-05-21 14:19:39
nvd
nvd
CVE-2021-47239
2024-05-21 15:15:13
ubuntucve
ubuntucve
CVE-2021-47239
2024-05-21 00:00:00
debiancve
debiancve
CVE-2021-47239
2024-05-21 15:15:13
cve
cve
CVE-2021-47239
2024-05-21 15:15:13
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)
2024-06-12 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00