Linux Kernel liteuart serial driver UAF & memleak on unbind
CVE-2021-47525 Published on May 24, 2024
serial: liteuart: fix use-after-free and memleak on unbind
In the Linux kernel, the following vulnerability has been resolved:
serial: liteuart: fix use-after-free and memleak on unbind
Deregister the port when unbinding the driver to prevent it from being
used after releasing the driver data and leaking memory allocated by
serial core.
Products Associated with CVE-2021-47525
Want to know whenever a new CVE is published for Linux Kernel? stack.watch will email you.
Affected Versions
Linux:- Version 1da81e5562fac8286567422cc56a7fbd0dc646d4 and below 602824cf9aa9db8830ffe5cfb2cd54365cada4fe is affected.
- Version 1da81e5562fac8286567422cc56a7fbd0dc646d4 and below 05f929b395dec8957b636ff14e66b277ed022ed9 is affected.
- Version 5.11 is affected.
- Before 5.11 is unaffected.
- Version 5.15.7, <= 5.15.* is unaffected.
- Version 5.16, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.