CVE-2021-47500
Published: May 24, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: iio: mma8452: Fix trigger reference couting The mma8452 driver directly assigns a trigger to the struct iio_dev. The IIO core when done using this trigger will call `iio_trigger_put()` to drop the reference count by 1. Without the matching `iio_trigger_get()` in the driver the reference count can reach 0 too early, the trigger gets freed while still in use and a use-after-free occurs. Fix this by getting a reference to the trigger before assigning it to the IIO device.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ae6d9ce05691bf79694074db7c7da980080548af - < 094d513b78b1714113bc016684b8142382e071baaffected ae6d9ce05691bf79694074db7c7da980080548af - < fb75cc4740d81264cd5bcb0e17d961d018a8be96affected ae6d9ce05691bf79694074db7c7da980080548af - < 794c0898f6bf39a458655d5fb4af70ec43a5cfcbaffected ae6d9ce05691bf79694074db7c7da980080548af - < f5deab10ced368c807866283f8b79144c4823be8affected ae6d9ce05691bf79694074db7c7da980080548af - < acf0088ac073ca6e7f4cad6acac112177e08df5e+3 more versions |
Linux | Linux | affected 4.2unaffected 0 - < 4.2unaffected 4.4.295 - <= 4.4.*unaffected 4.9.293 - <= 4.9.*unaffected 4.14.258 - <= 4.14.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now