CVE-2021-46966
HIGH
Linux Kernel 4.4.195-4.4.269 - Use-After-Free in ACPI Custom Method Write
Title source: llm
Description
In the Linux kernel, the following vulnerability has been resolved:

ACPI: custom_method: fix potential use-after-free issue

In cm_write(), buf is always freed when reaching the end of the function. If the requested count is less than table.length, the allocated buffer will be freed but subsequent calls to cm_write() will still try to access it.

Remove the unconditional kfree(buf) at the end of the function and set the buf to NULL in the -EINVAL error path to match the rest of function.
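A userspace C model of the buffer lifetime described above, added here as an illustration; it is not the kernel's code. The names cm_write_model, model_reset, buf_live and the fixed switch, as well as the sample sizes, are assumptions of the example, and the stale access is detected and reported rather than performed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model of cm_write()'s buffer lifetime as the description states it. pos stands in
 * for *ppos; buf_live is a model-only flag so the stale access is never performed. */
static char *buf;                     /* survives across calls */
static size_t max_size, uncopied, pos;
static int buf_live;
static void drop_buf(void) { free(buf); buf_live = 0; }   /* like kfree(buf): pointer kept */
static void model_reset(void) { if (buf_live) drop_buf(); buf = NULL; pos = 0; }

/* Returns bytes accepted, -1 for the -EINVAL path, -2 if the call would
 * touch freed memory. fixed=0 models the old code, fixed=1 the patched code. */
static long cm_write_model(const char *data, size_t count, size_t table_len, int fixed)
{
    if (pos == 0) {                   /* first chunk: allocate table.length bytes */
        if (buf_live) drop_buf();
        max_size = uncopied = table_len;
        buf = calloc(1, max_size);
        if (!buf) return -1;
        buf_live = 1;
    }
    if (buf == NULL) return -1;
    if (!buf_live) return -2;         /* non-NULL but already freed: the use-after-free */
    if (pos + count > max_size || count > uncopied) {
        drop_buf();
        if (fixed) buf = NULL;        /* fix: clear the pointer on the error path */
        return -1;
    }
    memcpy(buf + pos, data, count);
    uncopied -= count;
    pos += count;
    if (uncopied == 0) {              /* whole table received: release and clear */
        model_reset();
        return (long)count;
    }
    if (!fixed) drop_buf();           /* old code: unconditional kfree(buf) at the end */
    return (long)count;
}

int main(void)
{
    for (int fixed = 0; fixed <= 1; fixed++, model_reset()) {
        long a = cm_write_model("AAAA", 4, 8, fixed);   /* constructed: 4 of 8 bytes */
        long b = cm_write_model("BBBB", 4, 8, fixed);   /* constructed: remaining 4 */
        printf("fixed=%d first=%ld second=%ld\n", fixed, a, b);
    }
    return 0;
}
```

In the old-code run the second call is the one that reaches a freed buffer, because the first call accepted fewer bytes than table.length and then released buf without clearing the pointer.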
Scores
CVSS v3: 7.8
EPSS: 0.0023
EPSS Percentile: 13.7%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-416
Status: published
Products (29)
Linux/Linux: < 5.4
Linux/Linux: 03d1571d9513369c17e6848476763ebbd10ec2cb - 62dc2440ebb552aa0d7f635e1697e077d9d21203
Linux/Linux: 03d1571d9513369c17e6848476763ebbd10ec2cb - 72814a94c38a33239793f7622cec6ace1e540c4b
Linux/Linux: 03d1571d9513369c17e6848476763ebbd10ec2cb - b7a5baaae212a686ceb812c32fceed79c03c0234
Linux/Linux: 03d1571d9513369c17e6848476763ebbd10ec2cb - e483bb9a991bdae29a0caa4b3a6d002c968f94aa
Linux/Linux: 03d1571d9513369c17e6848476763ebbd10ec2cb - f16737caf41fc06cfe6e49048becb09657074d4b
Linux/Linux: 06cd4a06eb596a888239fb8ceb6ea15677cab396
Linux/Linux: 35b88a10535edcf62d3e6b7893a8cd506ff98a24 - 90575d1d9311b753cf1718f4ce9061ddda7dfd23
Linux/Linux: 4.14.147 - 4.14.233
Linux/Linux: 4.14.233 - 4.14.*
... and 19 more
Published: Feb 27, 2024
Tracked Since: Feb 18, 2026