CVE-2021-47361
Published: May 21, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcb_alloc_bus() There are two bugs: 1) If ida_simple_get() fails then this code calls put_device(carrier) but we haven't yet called get_device(carrier) and probably that leads to a use after free. 2) After device_initialize() then we need to use put_device() to release the bus. This will free the internal resources tied to the device and call mcb_free_bus() which will free the rest.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 18d28819809909c3f24bb72183a901c5e332a63d - < 8a558261fa57a6deefb0925ab1829f698b194aeaaffected 18d28819809909c3f24bb72183a901c5e332a63d - < 115b07d9f47e3996430b8f2007edd9768e1f807faffected 18d28819809909c3f24bb72183a901c5e332a63d - < 66f74ba9be9daf9c47fface6af3677f602774f6baffected 18d28819809909c3f24bb72183a901c5e332a63d - < 7751f609eadf36b1f53712bae430019c53a16eb0affected 18d28819809909c3f24bb72183a901c5e332a63d - < 91e4ad05bf18322b5921d1a6c9b603f6eb1694f0+2 more versions |
Linux | Linux | affected 4.7unaffected 0 - < 4.7unaffected 4.9.285 - <= 4.9.*unaffected 4.14.249 - <= 4.14.*unaffected 4.19.209 - <= 4.19.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now