CVE-2021-47334
Published: May 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: misc/libmasm/module: Fix two use after free in ibmasm_init_one In ibmasm_init_one, it calls ibmasm_init_remote_input_dev(). Inside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are allocated by input_allocate_device(), and assigned to sp->remote.mouse_dev and sp->remote.keybd_dev respectively. In the err_free_devices error branch of ibmasm_init_one, mouse_dev and keybd_dev are freed by input_free_device(), and return error. Then the execution runs into error_send_message error branch of ibmasm_init_one, where ibmasm_free_remote_input_dev(sp) is called to unregister the freed sp->remote.mouse_dev and sp->remote.keybd_dev. My patch add a "error_init_remote" label to handle the error of ibmasm_init_remote_input_dev(), to avoid the uaf bugs.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 736ce43295682d060f2b93624b4a339f9af6aab1 - < 1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069affected 736ce43295682d060f2b93624b4a339f9af6aab1 - < 29ba8e2ba89ee2862a26d91204dd5fe77ceee25aaffected 736ce43295682d060f2b93624b4a339f9af6aab1 - < 5b06ca113bf197aab2ab61288f42506e0049fbabaffected 736ce43295682d060f2b93624b4a339f9af6aab1 - < 481a76d4749ee3a27f902ba213fdcbb4bb39720eaffected 736ce43295682d060f2b93624b4a339f9af6aab1 - < 38660031e80eaa6cc9370b031c180612f414b00d+4 more versions |
Linux | Linux | affected 2.6.16unaffected 0 - < 2.6.16unaffected 4.4.276 - <= 4.4.*unaffected 4.9.276 - <= 4.9.*unaffected 4.14.240 - <= 4.14.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now