| { |
| "containers": { |
| "cna": { |
| "providerMetadata": { |
| "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" |
| }, |
| "descriptions": [ |
| { |
| "lang": "en", |
| "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmISDN: fix possible use-after-free in HFC_cleanup()\n\nThis module's remove path calls del_timer(). However, that function\ndoes not wait until the timer handler finishes. This means that the\ntimer handler may still be running after the driver's remove function\nhas finished, which would result in a use-after-free.\n\nFix by calling del_timer_sync(), which makes sure the timer handler\nhas finished, and unable to re-schedule itself." |
| } |
| ], |
| "affected": [ |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "unaffected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/isdn/hardware/mISDN/hfcpci.c" |
| ], |
| "versions": [ |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "49331c07ef0f8fdfa42b30ba6a83a657b29d7fbe", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "54ff3202928952a100c477248e65ac6db01258a7", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "7867ddc5f3de7f289aee63233afc0df4b62834c5", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "5f2818185da0fe82a932f0856633038b66faf124", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "3ecd228c636ee17c14662729737fa07242a93cb0", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "b7ee9ae1e0cf55a037c4a99af2acc5d78cb7802d", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "61370ff07e0acc657559a8fac02551dfeb9d3020", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "ed7c3739d0a07e2ec3ccbffe7e93cea01c438cda", |
| "status": "affected", |
| "versionType": "git" |
| }, |
| { |
| "version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", |
| "lessThan": "009fc857c5f6fda81f2f7dd851b2d54193a8e733", |
| "status": "affected", |
| "versionType": "git" |
| } |
| ] |
| }, |
| { |
| "product": "Linux", |
| "vendor": "Linux", |
| "defaultStatus": "affected", |
| "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", |
| "programFiles": [ |
| "drivers/isdn/hardware/mISDN/hfcpci.c" |
| ], |
| "versions": [ |
| { |
| "version": "4.4.276", |
| "lessThanOrEqual": "4.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.9.276", |
| "lessThanOrEqual": "4.9.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.14.240", |
| "lessThanOrEqual": "4.14.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "4.19.198", |
| "lessThanOrEqual": "4.19.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.4.133", |
| "lessThanOrEqual": "5.4.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.10.51", |
| "lessThanOrEqual": "5.10.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.12.18", |
| "lessThanOrEqual": "5.12.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.13.3", |
| "lessThanOrEqual": "5.13.*", |
| "status": "unaffected", |
| "versionType": "semver" |
| }, |
| { |
| "version": "5.14", |
| "lessThanOrEqual": "*", |
| "status": "unaffected", |
| "versionType": "original_commit_for_fix" |
| } |
| ] |
| } |
| ], |
| "cpeApplicability": [ |
| { |
| "nodes": [ |
| { |
| "operator": "OR", |
| "negate": false, |
| "cpeMatch": [ |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "4.4.276" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "4.9.276" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "4.14.240" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "4.19.198" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.4.133" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.10.51" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.12.18" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.13.3" |
| }, |
| { |
| "vulnerable": true, |
| "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", |
| "versionEndExcluding": "5.14" |
| } |
| ] |
| } |
| ] |
| } |
| ], |
| "references": [ |
| { |
| "url": "https://git.kernel.org/stable/c/49331c07ef0f8fdfa42b30ba6a83a657b29d7fbe" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/54ff3202928952a100c477248e65ac6db01258a7" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/7867ddc5f3de7f289aee63233afc0df4b62834c5" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/5f2818185da0fe82a932f0856633038b66faf124" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/3ecd228c636ee17c14662729737fa07242a93cb0" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/b7ee9ae1e0cf55a037c4a99af2acc5d78cb7802d" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/61370ff07e0acc657559a8fac02551dfeb9d3020" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/ed7c3739d0a07e2ec3ccbffe7e93cea01c438cda" |
| }, |
| { |
| "url": "https://git.kernel.org/stable/c/009fc857c5f6fda81f2f7dd851b2d54193a8e733" |
| } |
| ], |
| "title": "mISDN: fix possible use-after-free in HFC_cleanup()", |
| "x_generator": { |
| "engine": "bippy-1.2.0" |
| } |
| } |
| }, |
| "cveMetadata": { |
| "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", |
| "cveID": "CVE-2021-47356", |
| "requesterUserId": "gregkh@kernel.org", |
| "serial": "1", |
| "state": "PUBLISHED" |
| }, |
| "dataType": "CVE_RECORD", |
| "dataVersion": "5.0" |
| } |
