CVE-2021-47571

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() The free_rtllib() function frees the "dev" pointer so there is use after free on the next line. Re-arrange things to avoid that.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6	Patch
https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64	Patch
https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b	Patch
https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4	Patch
https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef	Patch
https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82	Patch
https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443	Patch
https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594	Patch
https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6	Patch
https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64	Patch
https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b	Patch
https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4	Patch
https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef	Patch
https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82	Patch
https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443	Patch
https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

21 Nov 2024, 06:36

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6 - Patch~~	() https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6 - Patch
References	~~() https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64 - Patch~~	() https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64 - Patch
References	~~() https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b - Patch~~	() https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b - Patch
References	~~() https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4 - Patch~~	() https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4 - Patch
References	~~() https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef - Patch~~	() https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef - Patch
References	~~() https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82 - Patch~~	() https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82 - Patch
References	~~() https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443 - Patch~~	() https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443 - Patch
References	~~() https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594 - Patch~~	() https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594 - Patch

10 Jun 2024, 19:22

Type	Values Removed	Values Added
First Time		Linux Linux linux Kernel
Summary		(es) En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: staging: rtl8192e: Corrige el use after free en _rtl92e_pci_disconnect() La función free_rtllib() libera el puntero "dev" para que haya use after free en la siguiente línea. Reorganice las cosas para evitar eso.
References	~~() https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6 -~~	() https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6 - Patch
References	~~() https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64 -~~	() https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64 - Patch
References	~~() https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b -~~	() https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b - Patch
References	~~() https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4 -~~	() https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4 - Patch
References	~~() https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef -~~	() https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef - Patch
References	~~() https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82 -~~	() https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82 - Patch
References	~~() https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443 -~~	() https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443 - Patch
References	~~() https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594 -~~	() https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594 - Patch
CWE		CWE-416
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.8
CPE		cpe:2.3:o:linux:linux_kernel::::::::

24 May 2024, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-24 15:15

Updated : 2024-11-21 06:36

NVD link : CVE-2021-47571

Mitre link : CVE-2021-47571

CVE.ORG link : CVE-2021-47571

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-416

Use After Free

7.8 /10