In the Linux kernel, the following vulnerability has been resolved:
mISDN: fix possible use-after-free in HFC_cleanup()
This module's remove path calls del_timer(). However, that function
does not wait until the timer handler finishes. This means that the
timer handler may still be running after the driver's remove function
has finished, which would result in a use-after-free.
Fix by calling del_timer_sync(), which makes sure the timer handler
has finished, and unable to re-schedule itself.
Metrics
Affected Vendors & Products
References
History
Tue, 24 Sep 2024 11:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/o:redhat:rhel_eus:8.8 | |
Vendors & Products |
Redhat rhel Eus
|
Wed, 21 Aug 2024 19:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
|
CPEs | cpe:/o:redhat:rhel_aus:8.6 cpe:/o:redhat:rhel_e4s:8.6 cpe:/o:redhat:rhel_tus:8.6 |
|
Vendors & Products |
Redhat rhel Aus
Redhat rhel E4s Redhat rhel Tus |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-21T14:35:59.097Z
Updated: 2024-12-19T07:40:21.580Z
Reserved: 2024-05-21T14:28:16.987Z
Link: CVE-2021-47356
Vulnrichment
Updated: 2024-08-04T05:32:08.504Z
NVD
Status : Awaiting Analysis
Published: 2024-05-21T15:15:21.920
Modified: 2024-11-21T06:35:57.493
Link: CVE-2021-47356
Redhat