CVE-2021-47195

Published: Apr 10, 2024

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers on SPI buses") introduced a per-controller mutex. But mutex_unlock() of said lock is called after the controller is already freed: spi_unregister_controller(ctlr) -> put_device(&ctlr->dev) -> spi_controller_release(dev) -> mutex_unlock(&ctrl->add_lock) Move the put_device() after the mutex_unlock().

Vendor	Product	Versions
Linux	Linux	affected `aa3f3d7bef59583f2d3234173105a27ff61ef8fe - < 54c2c96eafcfd242e52e932ab54ace4784efe1dd` affected `c8dce228db6f81dbc897a018dfc5c418e917cf64 - < 11eab327a2a8bd36c38afbff920ae1bd45588dd4` affected `6098475d4cb48d821bdf453c61118c56e26294f0 - < 37330f37f6666c7739a44b2b6b95b047ccdbed2d` affected `6098475d4cb48d821bdf453c61118c56e26294f0 - < 6c53b45c71b4920b5e62f0ea8079a1da382b9434` affected `722ef19a161ce3fffb3d1b01ce2301c306639bdd` +1 more versions
Linux	Linux	affected `5.15` unaffected `0 - < 5.15` unaffected `5.15.5 - <= 5.15.` unaffected `5.16 - <= `

References

https://git.kernel.org/stable/c/54c2c96eafcfd242e52e932ab54ace4784efe1dd

https://git.kernel.org/stable/c/11eab327a2a8bd36c38afbff920ae1bd45588dd4

https://git.kernel.org/stable/c/37330f37f6666c7739a44b2b6b95b047ccdbed2d

https://git.kernel.org/stable/c/6c53b45c71b4920b5e62f0ea8079a1da382b9434

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-47195

Description

Affected Products

References