CVE-2021-47403

HIGH

Linux Kernel 3.18-4.4.286 - Module Reference Leak in IPOctal TTY Driver

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ipack: ipoctal: fix module reference leak A reference to the carrier module was taken on every open but was only released once when the final reference to the tty struct was dropped. Fix this by taking the module reference and initialising the tty driver data when installing the tty.

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/31398849b84ebae0d43a1cf379cb9895597f221a

Patch

https://git.kernel.org/stable/c/c0adb5a947dec6cff7050ec56d78ecd3916f9ce6

Patch

https://git.kernel.org/stable/c/dde4c1429b97383689f755ce92b4ed1e84a9c92b

Patch

https://git.kernel.org/stable/c/9c5b77a7ffc983b2429ce158b50497c5d3c86a69

Patch

https://git.kernel.org/stable/c/3253c87e1e5bc0107aab773af2f135ebccf38666

Patch

https://git.kernel.org/stable/c/7cea848678470daadbfdaa6a112b823c290f900c

Patch

https://git.kernel.org/stable/c/811178f296b16af30264def74c8d2179a72d5562

Patch

https://git.kernel.org/stable/c/bb8a4fcb2136508224c596a7e665bdba1d7c3c27

Scores

CVSS v3 7.1

EPSS 0.0025

EPSS Percentile 16.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Products (20)

Linux/Linux < 3.18

Linux/Linux 3.18

Linux/Linux 4.14.249 - 4.14.*

Linux/Linux 4.19.209 - 4.19.*

Linux/Linux 4.4.286 - 4.4.*

Linux/Linux 4.9.285 - 4.9.*

Linux/Linux 5.10.71 - 5.10.*

Linux/Linux 5.14.10 - 5.14.*

Linux/Linux 5.15

Linux/Linux 5.4.151 - 5.4.*

... and 10 more

Published May 21, 2024

Tracked Since Feb 18, 2026