CVE-2021-46930

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2021-46930
In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix list_head check warning This is caused by uninitialization of list_head. BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 Call trace: dump_backtrace+0x0/0x298 show_stack+0x24/0x34 dump_stack+0x130/0x1a8 print_address_description+0x88/0x56c __kasan_report+0x1b8/0x2a0 kasan_report+0x14/0x20 __asan_load8+0x9c/0xa0 __list_del_entry_valid+0x34/0xe4 mtu3_req_complete+0x4c/0x300 [mtu3] mtu3_gadget_stop+0x168/0x448 [mtu3] usb_gadget_unregister_driver+0x204/0x3a0 unregister_gadget_item+0x44/0xa4

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://git.kernel.org/stable/c/249ddfbe00570d6dc76208e88017937d4d374c79 Patch
https://git.kernel.org/stable/c/3b6efe0b7ba03cc2acf0694b46d6ff33c5b4c295 Patch
https://git.kernel.org/stable/c/585e2b244dda7ea733274e4b8fa27853d625d3bf Patch
https://git.kernel.org/stable/c/8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf Patch
https://git.kernel.org/stable/c/249ddfbe00570d6dc76208e88017937d4d374c79 Patch
https://git.kernel.org/stable/c/3b6efe0b7ba03cc2acf0694b46d6ff33c5b4c295 Patch
https://git.kernel.org/stable/c/585e2b244dda7ea733274e4b8fa27853d625d3bf Patch
https://git.kernel.org/stable/c/8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf Patch
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
History

21 Nov 2024, 06:34

Type Values Removed Values Added
References () https://git.kernel.org/stable/c/249ddfbe00570d6dc76208e88017937d4d374c79 - Patch () https://git.kernel.org/stable/c/249ddfbe00570d6dc76208e88017937d4d374c79 - Patch
References () https://git.kernel.org/stable/c/3b6efe0b7ba03cc2acf0694b46d6ff33c5b4c295 - Patch () https://git.kernel.org/stable/c/3b6efe0b7ba03cc2acf0694b46d6ff33c5b4c295 - Patch
References () https://git.kernel.org/stable/c/585e2b244dda7ea733274e4b8fa27853d625d3bf - Patch () https://git.kernel.org/stable/c/585e2b244dda7ea733274e4b8fa27853d625d3bf - Patch
References () https://git.kernel.org/stable/c/8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf - Patch () https://git.kernel.org/stable/c/8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf - Patch

10 Apr 2024, 16:39

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 5.5
First Time Linux
Linux linux Kernel
CWE CWE-416
CPE cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
References () https://git.kernel.org/stable/c/249ddfbe00570d6dc76208e88017937d4d374c79 - () https://git.kernel.org/stable/c/249ddfbe00570d6dc76208e88017937d4d374c79 - Patch
References () https://git.kernel.org/stable/c/3b6efe0b7ba03cc2acf0694b46d6ff33c5b4c295 - () https://git.kernel.org/stable/c/3b6efe0b7ba03cc2acf0694b46d6ff33c5b4c295 - Patch
References () https://git.kernel.org/stable/c/585e2b244dda7ea733274e4b8fa27853d625d3bf - () https://git.kernel.org/stable/c/585e2b244dda7ea733274e4b8fa27853d625d3bf - Patch
References () https://git.kernel.org/stable/c/8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf - () https://git.kernel.org/stable/c/8c313e3bfd9adae8d5c4ba1cc696dcbc86fbf9bf - Patch

27 Feb 2024, 14:20

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-27 10:15

Updated : 2024-11-21 06:34

NVD link : CVE-2021-46930

Mitre link : CVE-2021-46930

CVE.ORG link : CVE-2021-46930

JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-416

Use After Free


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024