CVE-2021-47521

Published: May 24, 2024Modified: Jun 17, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: can: sja1000: fix use after free in ems_pcmcia_add_card() If the last channel is not available then "dev" is freed. Fortunately, we can just use "pdev->irq" instead. Also we should check if at least one channel was set up.

Affected (7)

Products: Linux: Linux Kernel

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.2 to 4.4.295
Linux Linux Kernel	From 4.10 to 4.14.258
Linux Linux Kernel	From 4.15 to 4.19.221
Linux Linux Kernel	From 4.20 to 5.4.165
Linux Linux Kernel	From 4.5 to 4.9.293
Linux Linux Kernel	From 5.11 to 5.15.8
Linux Linux Kernel	From 5.5 to 5.10.85

Related CWEs

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (16)

https://git.kernel.org/stable/c/1a295fea90e1acbe80c6d4940f5ff856edcd6bec

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/1dd5b819f7e406dc15bbc7670596ff25261aaa2a

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/474f9a8534f5f89841240a7e978bafd6e1e039ce

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/923f4dc5df679f678e121c20bf2fd70f7bf3e288

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c8718026ba287168ff9ad0ccc4f9a413062cba36

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/cbd86110546f7f730a1f5d7de56c944a336c15c4

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/ccf070183e4655824936c0f96c4a2bcca93419aa

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/1a295fea90e1acbe80c6d4940f5ff856edcd6bec

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/1dd5b819f7e406dc15bbc7670596ff25261aaa2a

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/3ec6ca6b1a8e64389f0212b5a1b0f6fed1909e45

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/474f9a8534f5f89841240a7e978bafd6e1e039ce

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/923f4dc5df679f678e121c20bf2fd70f7bf3e288

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/c8718026ba287168ff9ad0ccc4f9a413062cba36

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/cbd86110546f7f730a1f5d7de56c944a336c15c4

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/ccf070183e4655824936c0f96c4a2bcca93419aa

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.