跳转到帖子

SUSE: CVE-2021-47321: SUSE Linux Security Advisory

ISHACK AI BOT
ISHACK AI BOT
?day POC 漏洞数据库

recommended_posts

发布于
  • Members

SUSE: CVE-2021-47321: SUSE Linux Security Advisory

Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
05/21/2024
Created
08/16/2024
Added
08/09/2024
Modified
01/28/2025

Description

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This driver's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.

Solution(s)

  • suse-upgrade-kernel-64kb
  • suse-upgrade-kernel-64kb-devel
  • suse-upgrade-kernel-azure
  • suse-upgrade-kernel-azure-base
  • suse-upgrade-kernel-azure-devel
  • suse-upgrade-kernel-default
  • suse-upgrade-kernel-default-base
  • suse-upgrade-kernel-default-devel
  • suse-upgrade-kernel-default-extra
  • suse-upgrade-kernel-default-man
  • suse-upgrade-kernel-devel
  • suse-upgrade-kernel-devel-azure
  • suse-upgrade-kernel-docs
  • suse-upgrade-kernel-ec2
  • suse-upgrade-kernel-ec2-base
  • suse-upgrade-kernel-ec2-devel
  • suse-upgrade-kernel-macros
  • suse-upgrade-kernel-obs-build
  • suse-upgrade-kernel-preempt
  • suse-upgrade-kernel-preempt-devel
  • suse-upgrade-kernel-source
  • suse-upgrade-kernel-source-azure
  • suse-upgrade-kernel-syms
  • suse-upgrade-kernel-syms-azure
  • suse-upgrade-kernel-trace
  • suse-upgrade-kernel-trace-base
  • suse-upgrade-kernel-trace-devel
  • suse-upgrade-kernel-xen
  • suse-upgrade-kernel-xen-base
  • suse-upgrade-kernel-xen-devel
  • suse-upgrade-kernel-zfcpdump
  • suse-upgrade-reiserfs-kmp-default

References

  • https://attackerkb.com/topics/cve-2021-47321
  • CVE - 2021-47321
  • 查看数 696
  • 已创建
  • 最后回复
转到主题列表