{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2021-47500", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-22T06:20:56.204Z", "datePublished": "2024-05-24T15:01:43.362Z", "dateUpdated": "2025-05-04T07:12:22.590Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:12:22.590Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/accel/mma8452.c"], "versions": [{"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "094d513b78b1714113bc016684b8142382e071ba", "status": "affected", "versionType": "git"}, {"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "fb75cc4740d81264cd5bcb0e17d961d018a8be96", "status": "affected", "versionType": "git"}, {"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "794c0898f6bf39a458655d5fb4af70ec43a5cfcb", "status": "affected", "versionType": "git"}, {"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "f5deab10ced368c807866283f8b79144c4823be8", "status": "affected", "versionType": "git"}, {"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "acf0088ac073ca6e7f4cad6acac112177e08df5e", "status": "affected", "versionType": "git"}, {"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "db12d95085367de8b0223929d1332731024441f1", "status": "affected", "versionType": "git"}, {"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "c43517071dfc9fce34f8f69dbb98a86017f6b739", "status": "affected", "versionType": "git"}, {"version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "cd0082235783f814241a1c9483fb89e405f4f892", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iio/accel/mma8452.c"], "versions": [{"version": "4.2", "status": "affected"}, {"version": "0", "lessThan": "4.2", "status": "unaffected", "versionType": "semver"}, {"version": "4.4.295", "lessThanOrEqual": "4.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.9.293", "lessThanOrEqual": "4.9.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.258", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.221", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.165", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.85", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.8", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "4.4.295"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "4.9.293"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "4.14.258"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "4.19.221"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "5.4.165"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "5.10.85"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "5.15.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.2", "versionEndExcluding": "5.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba"}, {"url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96"}, {"url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb"}, {"url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8"}, {"url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e"}, {"url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1"}, {"url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739"}, {"url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892"}], "title": "iio: mma8452: Fix trigger reference couting", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.752Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47500", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:35:45.977945Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:32:52.849Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T05:39:59.752Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-47500", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:35:45.977945Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:13.213Z"}}], "cna": {"title": "iio: mma8452: Fix trigger reference couting", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "094d513b78b1714113bc016684b8142382e071ba", "versionType": "git"}, {"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "fb75cc4740d81264cd5bcb0e17d961d018a8be96", "versionType": "git"}, {"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "794c0898f6bf39a458655d5fb4af70ec43a5cfcb", "versionType": "git"}, {"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "f5deab10ced368c807866283f8b79144c4823be8", "versionType": "git"}, {"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "acf0088ac073ca6e7f4cad6acac112177e08df5e", "versionType": "git"}, {"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "db12d95085367de8b0223929d1332731024441f1", "versionType": "git"}, {"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "c43517071dfc9fce34f8f69dbb98a86017f6b739", "versionType": "git"}, {"status": "affected", "version": "ae6d9ce05691bf79694074db7c7da980080548af", "lessThan": "cd0082235783f814241a1c9483fb89e405f4f892", "versionType": "git"}], "programFiles": ["drivers/iio/accel/mma8452.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "4.2"}, {"status": "unaffected", "version": "0", "lessThan": "4.2", "versionType": "semver"}, {"status": "unaffected", "version": "4.4.295", "versionType": "semver", "lessThanOrEqual": "4.4.*"}, {"status": "unaffected", "version": "4.9.293", "versionType": "semver", "lessThanOrEqual": "4.9.*"}, {"status": "unaffected", "version": "4.14.258", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.221", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.165", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.85", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.8", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/iio/accel/mma8452.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba"}, {"url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96"}, {"url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb"}, {"url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8"}, {"url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e"}, {"url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1"}, {"url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739"}, {"url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.4.295", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.9.293", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.258", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.221", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.165", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.85", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.8", "versionStartIncluding": "4.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16", "versionStartIncluding": "4.2"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:12:22.590Z"}}}, "cveMetadata": {"cveId": "CVE-2021-47500", "state": "PUBLISHED", "dateUpdated": "2025-05-04T07:12:22.590Z", "dateReserved": "2024-05-22T06:20:56.204Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-24T15:01:43.362Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3842D18A-DF7B-40A7-994E-E7606663CB16", "versionEndExcluding": "4.4.295", "versionStartIncluding": "4.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D107324-F4B9-4146-BACC-391E95D41D67", "versionEndExcluding": "4.9.293", "versionStartIncluding": "4.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "71B2A056-7541-4FF3-859E-C55955DDA2DD", "versionEndExcluding": "4.14.258", "versionStartIncluding": "4.10", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CECDDE2F-DEEF-4D3A-85FF-6AEBA16D225B", "versionEndExcluding": "4.19.221", "versionStartIncluding": "4.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "B1DD3148-41FC-42AC-96A5-F63D774A97A3", "versionEndExcluding": "5.4.165", "versionStartIncluding": "4.20", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "D9668578-08F7-4694-A86F-FCE448387A79", "versionEndExcluding": "5.10.85", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6664ACE2-F748-4AE5-B98B-58803B0B2C3E", "versionEndExcluding": "5.15.8", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*", "matchCriteriaId": "E46C74C6-B76B-4C94-A6A4-FD2FFF62D644", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*", "matchCriteriaId": "60134C3A-06E4-48C1-B04F-2903732A4E56", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*", "matchCriteriaId": "0460DA88-8FE1-46A2-9DDA-1F1ABA552E71", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*", "matchCriteriaId": "AF55383D-4DF2-45DC-93F7-571F4F978EAB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: mma8452: Fix trigger reference couting\n\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\n\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\n\nFix this by getting a reference to the trigger before assigning it to the\nIIO device."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: mma8452: correcci\u00f3n del c\u00e1lculo de referencia del disparador El controlador mma8452 asigna directamente un disparador a la estructura iio_dev. El n\u00facleo de IIO, cuando termine de usar este activador, llamar\u00e1 a `iio_trigger_put()` para reducir el recuento de referencias en 1. Sin el `iio_trigger_get()` coincidente en el controlador, el recuento de referencias puede llegar a 0 demasiado pronto, el activador se libera mientras a\u00fan est\u00e1 en se produce un uso y un use-after-free. Solucione este problema obteniendo una referencia al disparador antes de asignarlo al dispositivo IIO."}], "id": "CVE-2021-47500", "lastModified": "2025-01-06T20:45:22.063", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-05-24T15:15:09.900", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: iio: mma8452: Fix trigger reference couting", "id": "2283454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283454"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-911->CWE-416", "details": ["In the Linux kernel, the following vulnerability has been resolved:\niio: mma8452: Fix trigger reference couting\nThe mma8452 driver directly assigns a trigger to the struct iio_dev. The\nIIO core when done using this trigger will call `iio_trigger_put()` to drop\nthe reference count by 1.\nWithout the matching `iio_trigger_get()` in the driver the reference count\ncan reach 0 too early, the trigger gets freed while still in use and a\nuse-after-free occurs.\nFix this by getting a reference to the trigger before assigning it to the\nIIO device."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2021-47500", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-47500\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-47500"], "statement": "Following issue marked as moderate with \"not affected\" for Red Hat Enterprise Linux, as it is not vulnerable to this CVE. This is because the CVE does not impact the versions or configurations of the Linux kernel used in Red Hat's distributions. Additionally, some RHEL versions may be marked as \"will not fix\" due to the minimal impact of the issue, and no fix will be provided.", "threat_severity": "Moderate"}

{}