cve-2021-47500
Vulnerability from cvelistv5
Published
2024-05-24 15:01
Modified
2024-12-19 07:43
Severity ?
EPSS score ?
Summary
iio: mma8452: Fix trigger reference couting
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T05:39:59.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-47500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T15:35:45.977945Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T17:32:52.849Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/iio/accel/mma8452.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "094d513b78b1714113bc016684b8142382e071ba",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
},
{
"lessThan": "fb75cc4740d81264cd5bcb0e17d961d018a8be96",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
},
{
"lessThan": "794c0898f6bf39a458655d5fb4af70ec43a5cfcb",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
},
{
"lessThan": "f5deab10ced368c807866283f8b79144c4823be8",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
},
{
"lessThan": "acf0088ac073ca6e7f4cad6acac112177e08df5e",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
},
{
"lessThan": "db12d95085367de8b0223929d1332731024441f1",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
},
{
"lessThan": "c43517071dfc9fce34f8f69dbb98a86017f6b739",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
},
{
"lessThan": "cd0082235783f814241a1c9483fb89e405f4f892",
"status": "affected",
"version": "ae6d9ce05691bf79694074db7c7da980080548af",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/iio/accel/mma8452.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.2"
},
{
"lessThan": "4.2",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.4.*",
"status": "unaffected",
"version": "4.4.295",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.9.*",
"status": "unaffected",
"version": "4.9.293",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.14.*",
"status": "unaffected",
"version": "4.14.258",
"versionType": "semver"
},
{
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"version": "4.19.221",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.165",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.85",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.8",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "5.16",
"versionType": "original_commit_for_fix"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device."
}
],
"providerMetadata": {
"dateUpdated": "2024-12-19T07:43:39.544Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba"
},
{
"url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96"
},
{
"url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb"
},
{
"url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8"
},
{
"url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e"
},
{
"url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1"
},
{
"url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739"
},
{
"url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892"
}
],
"title": "iio: mma8452: Fix trigger reference couting",
"x_generator": {
"engine": "bippy-5f407fcff5a0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2021-47500",
"datePublished": "2024-05-24T15:01:43.362Z",
"dateReserved": "2024-05-22T06:20:56.204Z",
"dateUpdated": "2024-12-19T07:43:39.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-47500\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-24T15:15:09.900\",\"lastModified\":\"2025-01-06T20:45:22.063\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\niio: mma8452: Fix trigger reference couting\\n\\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\\nthe reference count by 1.\\n\\nWithout the matching `iio_trigger_get()` in the driver the reference count\\ncan reach 0 too early, the trigger gets freed while still in use and a\\nuse-after-free occurs.\\n\\nFix this by getting a reference to the trigger before assigning it to the\\nIIO device.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: mma8452: correcci\u00f3n del c\u00e1lculo de referencia del disparador El controlador mma8452 asigna directamente un disparador a la estructura iio_dev. El n\u00facleo de IIO, cuando termine de usar este activador, llamar\u00e1 a `iio_trigger_put()` para reducir el recuento de referencias en 1. Sin el `iio_trigger_get()` coincidente en el controlador, el recuento de referencias puede llegar a 0 demasiado pronto, el activador se libera mientras a\u00fan est\u00e1 en se produce un uso y un use-after-free. Solucione este problema obteniendo una referencia al disparador antes de asignarlo al dispositivo IIO.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2\",\"versionEndExcluding\":\"4.4.295\",\"matchCriteriaId\":\"3842D18A-DF7B-40A7-994E-E7606663CB16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.293\",\"matchCriteriaId\":\"5D107324-F4B9-4146-BACC-391E95D41D67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.258\",\"matchCriteriaId\":\"71B2A056-7541-4FF3-859E-C55955DDA2DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.221\",\"matchCriteriaId\":\"CECDDE2F-DEEF-4D3A-85FF-6AEBA16D225B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.165\",\"matchCriteriaId\":\"B1DD3148-41FC-42AC-96A5-F63D774A97A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.85\",\"matchCriteriaId\":\"D9668578-08F7-4694-A86F-FCE448387A79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.8\",\"matchCriteriaId\":\"6664ACE2-F748-4AE5-B98B-58803B0B2C3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E46C74C6-B76B-4C94-A6A4-FD2FFF62D644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"60134C3A-06E4-48C1-B04F-2903732A4E56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0460DA88-8FE1-46A2-9DDA-1F1ABA552E71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF55383D-4DF2-45DC-93F7-571F4F978EAB\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
}
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.