CVE-2021-47093

MEDIUM

Linux Kernel < 5.10.89 - Use-After-Free in intel_pmc_core Device Registration

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel_pmc_core: fix memleak on registration failure In case device registration fails during module initialisation, the platform device structure needs to be freed using platform_device_put() to properly free all resources (e.g. the device name).

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/7a37f2e370699e2feca3dca6c8178c71ceee7e8a

Patch

https://git.kernel.org/stable/c/9ca1324755f1f8629a370af5cc315b175331f5d1

Patch

https://git.kernel.org/stable/c/26a8b09437804fabfb1db080d676b96c0de68e7c

Scores

CVSS v3 5.5

EPSS 0.0026

EPSS Percentile 17.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (10)

Linux/Linux < 5.9

Linux/Linux 5.10.89 - 5.10.*

Linux/Linux 5.15.12 - 5.15.*

Linux/Linux 5.16

Linux/Linux 5.9

Linux/Linux 938835aa903ae19ad62805134f79bbcf20fc3bea - 26a8b09437804fabfb1db080d676b96c0de68e7c

Linux/Linux 938835aa903ae19ad62805134f79bbcf20fc3bea - 7a37f2e370699e2feca3dca6c8178c71ceee7e8a

Linux/Linux 938835aa903ae19ad62805134f79bbcf20fc3bea - 9ca1324755f1f8629a370af5cc315b175331f5d1

linux/linux_kernel 5.16 rc1 (6 CPE variants)

linux/linux_kernel 5.9 - 5.10.89

Published Mar 04, 2024

Tracked Since Feb 18, 2026