CVE-2021-47470

HIGH

Linux Kernel 5.14-5.14.14 - Use-After-Free in SLUB DebugFS Operations

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: mm, slub: fix potential use-after-free in slab_debugfs_fops When sysfs_slab_add failed, we shouldn't call debugfs_slab_add() for s because s will be freed soon. And slab_debugfs_fops will use s later leading to a use-after-free.

Scores

CVSS v3 7.8
EPSS 0.0020
EPSS Percentile 10.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-416
Status published
Products (8)
Linux/Linux < 5.14
Linux/Linux 5.14
Linux/Linux 5.14.15 - 5.14.*
Linux/Linux 5.15
Linux/Linux 64dd68497be76ab4e237cca06f5324e220d0f050 - 159d8cfbd0428d487c53be4722f33cdab0d25d83
Linux/Linux 64dd68497be76ab4e237cca06f5324e220d0f050 - 67823a544414def2a36c212abadb55b23bcda00c
linux/linux_kernel 5.15 rc1 (6 CPE variants)
linux/linux_kernel 5.14 - 5.14.15
Published May 22, 2024
Tracked Since Feb 18, 2026