CVE-2021-46932 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f
https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2
https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c
https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0
https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46
https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e
https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4
https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012
https://lore.kernel.org/linux-cve-announce/2024022750-CVE-2021-46932-3a36@gregkh/T/#u
https://nvd.nist.gov/vuln/detail/CVE-2021-46932
https://www.cve.org/CVERecord?id=CVE-2021-46932

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-46932", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-25T13:45:52.720Z", "datePublished": "2024-02-27T09:44:00.108Z", "dateUpdated": "2025-05-04T07:00:36.105Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:00:36.105Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: appletouch - initialize work before device registration\n\nSyzbot has reported warning in __flush_work(). This warning is caused by\nwork->func == NULL, which means missing work initialization.\n\nThis may happen, since input_dev->close() calls\ncancel_work_sync(&dev->work), but dev->work initalization happens _after_\ninput_register_device() call.\n\nSo this patch moves dev->work initialization before registering input\ndevice"}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/input/mouse/appletouch.c"], "versions": [{"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4", "status": "affected", "versionType": "git"}, {"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "d1962f263a176f493400b8f91bfbf2bfedce951e", "status": "affected", "versionType": "git"}, {"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f", "status": "affected", "versionType": "git"}, {"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "a02e1404e27855089d2b0a0acc4652c2ce65fe46", "status": "affected", "versionType": "git"}, {"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "975774ea7528b489930b76a77ffc4d5379b95ff2", "status": "affected", "versionType": "git"}, {"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "9f329d0d6c91142cf0ad08d23c72dd195db2633c", "status": "affected", "versionType": "git"}, {"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "e79ff8c68acb1eddf709d3ac84716868f2a91012", "status": "affected", "versionType": "git"}, {"version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/input/mouse/appletouch.c"], "versions": [{"version": "2.6.23", "status": "affected"}, {"version": "0", "lessThan": "2.6.23", "status": "unaffected", "versionType": "semver"}, {"version": "4.4.298", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.296", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.261", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.224", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.170", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.90", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.13", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "4.4.298"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "4.9.296"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "4.14.261"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "4.19.224"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "5.4.170"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "5.10.90"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "5.15.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.23", "versionEndExcluding": "5.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4"}, {"url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e"}, {"url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f"}, {"url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46"}, {"url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2"}, {"url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c"}, {"url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012"}, {"url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0"}], "title": "Input: appletouch - initialize work before device registration", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46932", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-27T16:12:57.763250Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:22:01.591Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:17:42.851Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2021-46932 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-02-25T13:45:52.720Z (string)

datePublished : 2024-02-27T09:44:00.108Z (string)

dateUpdated : 2025-05-04T07:00:36.105Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:00:36.105Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/input/mouse/appletouch.c (string)

]

versions : [ »

0 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : d1962f263a176f493400b8f91bfbf2bfedce951e (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/input/mouse/appletouch.c (string)

]

versions : [ »

0 : { »

version : 2.6.23 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 2.6.23 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.4.298 (string)

lessThanOrEqual : 4.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 4.9.296 (string)

lessThanOrEqual : 4.9.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 4.14.261 (string)

lessThanOrEqual : 4.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 4.19.224 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.4.170 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 5.10.90 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 5.15.13 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 5.16 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 4.4.298 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 4.9.296 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 4.14.261 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 4.19.224 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 5.4.170 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 5.10.90 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 5.15.13 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.23 (string)

versionEndExcluding : 5.16 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e (string)

}

2 : { »

url : https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

}

3 : { »

url : https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

}

6 : { »

url : https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

}

]

title : Input: appletouch - initialize work before device registration (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-46932 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-02-27T16:12:57.763250Z (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-07-05T17:22:01.591Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:17:42.851Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:17:42.851Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-46932", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-27T16:12:57.763250Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:40.973Z"}}], "cna": {"title": "Input: appletouch - initialize work before device registration", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4", "versionType": "git"}, {"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "d1962f263a176f493400b8f91bfbf2bfedce951e", "versionType": "git"}, {"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f", "versionType": "git"}, {"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "a02e1404e27855089d2b0a0acc4652c2ce65fe46", "versionType": "git"}, {"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "975774ea7528b489930b76a77ffc4d5379b95ff2", "versionType": "git"}, {"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "9f329d0d6c91142cf0ad08d23c72dd195db2633c", "versionType": "git"}, {"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "e79ff8c68acb1eddf709d3ac84716868f2a91012", "versionType": "git"}, {"status": "affected", "version": "5a6eb676d3bc4d7a6feab200a92437b62ad298da", "lessThan": "9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0", "versionType": "git"}], "programFiles": ["drivers/input/mouse/appletouch.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.23"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.23", "versionType": "semver"}, {"status": "unaffected", "version": "4.4.298", "versionType": "semver", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.296", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.261", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.224", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.170", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.90", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.13", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/input/mouse/appletouch.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4"}, {"url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e"}, {"url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f"}, {"url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46"}, {"url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2"}, {"url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c"}, {"url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012"}, {"url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: appletouch - initialize work before device registration\n\nSyzbot has reported warning in __flush_work(). This warning is caused by\nwork->func == NULL, which means missing work initialization.\n\nThis may happen, since input_dev->close() calls\ncancel_work_sync(&dev->work), but dev->work initalization happens _after_\ninput_register_device() call.\n\nSo this patch moves dev->work initialization before registering input\ndevice"}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.4.298", "versionStartIncluding": "2.6.23"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.9.296", "versionStartIncluding": "2.6.23"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.261", "versionStartIncluding": "2.6.23"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.224", "versionStartIncluding": "2.6.23"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.170", "versionStartIncluding": "2.6.23"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.90", "versionStartIncluding": "2.6.23"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.13", "versionStartIncluding": "2.6.23"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16", "versionStartIncluding": "2.6.23"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:00:36.105Z"}}}, "cveMetadata": {"cveId": "CVE-2021-46932", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:00:36.105Z", "dateReserved": "2024-02-25T13:45:52.720Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-02-27T09:44:00.108Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-04T05:17:42.851Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2021-46932 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-02-27T16:12:57.763250Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-07-05T15:20:40.973Z (string)

}

]

cna : { »

title : Input: appletouch - initialize work before device registration (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : d1962f263a176f493400b8f91bfbf2bfedce951e (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 5a6eb676d3bc4d7a6feab200a92437b62ad298da (string)

lessThan : 9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/input/mouse/appletouch.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 2.6.23 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 2.6.23 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.4.298 (string)

versionType : semver (string)

lessThanOrEqual : 4.4.* (string)

}

3 : { »

status : unaffected (string)

version : 4.9.296 (string)

versionType : semver (string)

lessThanOrEqual : 4.9.* (string)

}

4 : { »

status : unaffected (string)

version : 4.14.261 (string)

versionType : semver (string)

lessThanOrEqual : 4.14.* (string)

}

5 : { »

status : unaffected (string)

version : 4.19.224 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

6 : { »

status : unaffected (string)

version : 5.4.170 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

7 : { »

status : unaffected (string)

version : 5.10.90 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

8 : { »

status : unaffected (string)

version : 5.15.13 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

9 : { »

status : unaffected (string)

version : 5.16 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : drivers/input/mouse/appletouch.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e (string)

}

2 : { »

url : https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

}

3 : { »

url : https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

}

6 : { »

url : https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

}

7 : { »

url : https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.4.298 (string)

versionStartIncluding : 2.6.23 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.9.296 (string)

versionStartIncluding : 2.6.23 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.14.261 (string)

versionStartIncluding : 2.6.23 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.224 (string)

versionStartIncluding : 2.6.23 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.170 (string)

versionStartIncluding : 2.6.23 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.90 (string)

versionStartIncluding : 2.6.23 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.13 (string)

versionStartIncluding : 2.6.23 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.16 (string)

versionStartIncluding : 2.6.23 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T07:00:36.105Z (string)

}

cveMetadata : { »

cveId : CVE-2021-46932 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T07:00:36.105Z (string)

dateReserved : 2024-02-25T13:45:52.720Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-02-27T09:44:00.108Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA4A6C50-3FFF-4800-9BCC-88823A3D2798", "versionEndExcluding": "4.4.298", "versionStartIncluding": "2.6.23", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "883CB22B-11DA-4D54-8121-3F5494EDBD4C", "versionEndExcluding": "4.9.296", "versionStartIncluding": "4.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B5D4F856-5F69-4F4A-911F-50A21B9A68B6", "versionEndExcluding": "4.14.261", "versionStartIncluding": "4.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B34A1353-506A-4AB9-87EC-CD50F09DFB8A", "versionEndExcluding": "4.19.224", "versionStartIncluding": "4.15.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "56D16FBB-453E-4316-A027-E517828203D7", "versionEndExcluding": "5.4.170", "versionStartIncluding": "4.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C87FB3FD-3E74-4588-A1A4-B9BA8AE0C06B", "versionEndExcluding": "5.10.90", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "083E0940-932B-447B-A6B2-677DAE27FD04", "versionEndExcluding": "5.15.13", "versionStartIncluding": "5.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: appletouch - initialize work before device registration\n\nSyzbot has reported warning in __flush_work(). This warning is caused by\nwork->func == NULL, which means missing work initialization.\n\nThis may happen, since input_dev->close() calls\ncancel_work_sync(&dev->work), but dev->work initalization happens _after_\ninput_register_device() call.\n\nSo this patch moves dev->work initialization before registering input\ndevice"}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: Entrada: appletouch: inicializa el trabajo antes del registro del dispositivo Syzbot ha informado una advertencia en __flush_work(). Esta advertencia es causada por work-&gt;func == NULL, lo que significa que falta la inicializaci\u00f3n del trabajo. Esto puede suceder, ya que input_dev-&gt;close() llama a cancel_work_sync(&amp;dev-&gt;work), pero la inicializaci\u00f3n dev-&gt;work ocurre _despu\u00e9s_ de la llamada input_register_device(). Entonces este parche mueve la inicializaci\u00f3n dev-&gt;work antes de registrar el dispositivo de entrada"}], "id": "CVE-2021-46932", "lastModified": "2024-11-21T06:34:57.780", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-27T10:15:07.753", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-665"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BA4A6C50-3FFF-4800-9BCC-88823A3D2798 (string)

versionEndExcluding : 4.4.298 (string)

versionStartIncluding : 2.6.23 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 883CB22B-11DA-4D54-8121-3F5494EDBD4C (string)

versionEndExcluding : 4.9.296 (string)

versionStartIncluding : 4.5.0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B5D4F856-5F69-4F4A-911F-50A21B9A68B6 (string)

versionEndExcluding : 4.14.261 (string)

versionStartIncluding : 4.10.0 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : B34A1353-506A-4AB9-87EC-CD50F09DFB8A (string)

versionEndExcluding : 4.19.224 (string)

versionStartIncluding : 4.15.0 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 56D16FBB-453E-4316-A027-E517828203D7 (string)

versionEndExcluding : 5.4.170 (string)

versionStartIncluding : 4.20.0 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : C87FB3FD-3E74-4588-A1A4-B9BA8AE0C06B (string)

versionEndExcluding : 5.10.90 (string)

versionStartIncluding : 5.5.0 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 083E0940-932B-447B-A6B2-677DAE27FD04 (string)

versionEndExcluding : 5.15.13 (string)

versionStartIncluding : 5.11.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se resolvió la siguiente vulnerabilidad: Entrada: appletouch: inicializa el trabajo antes del registro del dispositivo Syzbot ha informado una advertencia en __flush_work(). Esta advertencia es causada por work->func == NULL, lo que significa que falta la inicialización del trabajo. Esto puede suceder, ya que input_dev->close() llama a cancel_work_sync(&dev->work), pero la inicialización dev->work ocurre _después_ de la llamada input_register_device(). Entonces este parche mueve la inicialización dev->work antes de registrar el dispositivo de entrada (string)

}

]

id : CVE-2021-46932 (string)

lastModified : 2024-11-21T06:34:57.780 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-02-27T10:15:07.753 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/292d2ac61fb0d9276a0f7b7ce4f50426f2a1c99f (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/975774ea7528b489930b76a77ffc4d5379b95ff2 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9f329d0d6c91142cf0ad08d23c72dd195db2633c (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9f3ccdc3f6ef10084ceb3a47df0961bec6196fd0 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a02e1404e27855089d2b0a0acc4652c2ce65fe46 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/d1962f263a176f493400b8f91bfbf2bfedce951e (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/d2cb2bf39a6d17ef4bdc0e59c1a35cf5751ad8f4 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/e79ff8c68acb1eddf709d3ac84716868f2a91012 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-665 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: Input: appletouch - initialize work before device registration", "id": "2266318", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2266318"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nInput: appletouch - initialize work before device registration\nSyzbot has reported warning in __flush_work(). This warning is caused by\nwork->func == NULL, which means missing work initialization.\nThis may happen, since input_dev->close() calls\ncancel_work_sync(&dev->work), but dev->work initalization happens _after_\ninput_register_device() call.\nSo this patch moves dev->work initialization before registering input\ndevice"], "name": "CVE-2021-46932", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-46932\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-46932\nhttps://lore.kernel.org/linux-cve-announce/2024022750-CVE-2021-46932-3a36@gregkh/T/#u"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: Input: appletouch - initialize work before device registration (string)

id : 2266318 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2266318 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 2.3 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L (string)

status : draft (string)

}

cwe : CWE-416 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device (string)

]

name : CVE-2021-46932 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Not affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-02-27T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2021-46932 https://nvd.nist.gov/vuln/detail/CVE-2021-46932 https://lore.kernel.org/linux-cve-announce/2024022750-CVE-2021-46932-3a36@gregkh/T/#u (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object