CVE-2021-47470
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
mm, slub: fix potential use-after-free in slab_debugfs_fops
When sysfs_slab_add failed, we shouldn't call debugfs_slab_add() for s because s will be freed soon. And slab_debugfs_fops will use s later leading to a use-after-free.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 64dd68497be76ab4e237cca06f5324e220d0f050 < 159d8cfbd0428d487c53be4722f33cdab0d25d83 | affected |
| Linux | Linux | 64dd68497be76ab4e237cca06f5324e220d0f050 < 67823a544414def2a36c212abadb55b23bcda00c | affected |
| Linux | Linux | 5.14 | affected |
| Linux | Linux | 0 < 5.14 | unaffected |
| Linux | Linux | 5.14.15 <= 5.14.* | unaffected |
| Linux | Linux | 5.15 <= * | unaffected |
Weaknesses
ADP Enrichment
CVE Program Container
Additional References
- https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83
- https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/159d8cfbd0428d487c53be4722f33cdab0d25d83
- https://git.kernel.org/stable/c/67823a544414def2a36c212abadb55b23bcda00c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.