CVE-2021-47357
HIGH
Linux Kernel < 4.4.276 - Use-After-Free in ATM iphase Module Timer Handler
Title source: llm
Description
In the Linux kernel, the following vulnerability has been resolved:

atm: iphase: fix possible use-after-free in ia_module_exit()

This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free.

Fix by calling del_timer_sync(), which makes sure the timer handler has finished and is unable to re-schedule itself.
Scores
CVSS v3: 7.8
EPSS: 0.0025
EPSS Percentile: 15.9%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-416
Status: published
Products (21)
Linux/Linux: < 2.6.12
Published: May 21, 2024
Tracked Since: Feb 18, 2026