Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-47324

HIGH
Published 2024-05-21T14:35:37.844Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-47324. We'll provide specific mitigation strategies based on your environment and risk profile.

CVSS Score

V3.1
8.8
/10
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score Metrics
Exploitability: N/A Impact: N/A

EPSS Score

v2023.03.01
0.000
probability
of exploitation in the wild

There is a 0.0% chance that this vulnerability will be exploited in the wild within the next 30 days.

Updated: 2025-01-25
Exploit Probability
Percentile: 0.152
Higher than 15.2% of all CVEs

Attack Vector Metrics

Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED

Impact Metrics

Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Description

In the Linux kernel, the following vulnerability has been resolved:

watchdog: Fix possible use-after-free in wdt_startup()

This module's remove path calls del_timer(). However, that function
does not wait until the timer handler finishes. This means that the
timer handler may still be running after the driver's remove function
has finished, which would result in a use-after-free.

Fix by calling del_timer_sync(), which makes sure the timer handler
has finished, and unable to re-schedule itself.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Linux

Affected Versions:

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux

Linux

Affected Versions:

4.4.276 4.9.276 4.14.240 4.19.198 5.4.134 5.10.52 5.12.19 5.13.4 5.14
linux

linux_kernel

Affected Versions:

0 1da177e4c3f4 1da177e4c3f4 1da177e4c3f4 1da177e4c3f4 1da177e4c3f4 1da177e4c3f4 1da177e4c3f4 1da177e4c3f4 1da177e4c3f4

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-fpq3-4hc6-6rvg

Advisory Details

In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-47324
WEB https://git.kernel.org/stable/c/0ac50a76cf3cd63db000648b3b19f3f98b8aaa76
WEB https://git.kernel.org/stable/c/146cc288fb80c662c9c35e7bc58325d1ac0a7875
WEB https://git.kernel.org/stable/c/63a3dc24bd053792f84cb4eef0168b1266202a02
WEB https://git.kernel.org/stable/c/862f2b5a7c38762ac9e369daefbf361a91aca685
WEB https://git.kernel.org/stable/c/8adbbe6c86bb13e14f8a19e036ae5f4f5661fd90
WEB https://git.kernel.org/stable/c/a397cb4576fc2fc802562418b3a50b8f67d60d31
WEB https://git.kernel.org/stable/c/b4ebf4a4692e84163a69444c70ad515de06e2259
WEB https://git.kernel.org/stable/c/c08a6b31e4917034f0ed0cb457c3bb209576f542
WEB https://git.kernel.org/stable/c/dc9403097be52d57a5c9c35efa9be79d166a78af

Advisory provided by GitHub Security Advisory Database. Published: May 21, 2024, Modified: July 3, 2024

References

https://git.kernel.org/stable/c/63a3dc24bd053792f84cb4eef0168b1266202a02
https://git.kernel.org/stable/c/862f2b5a7c38762ac9e369daefbf361a91aca685
https://git.kernel.org/stable/c/0ac50a76cf3cd63db000648b3b19f3f98b8aaa76
https://git.kernel.org/stable/c/dc9403097be52d57a5c9c35efa9be79d166a78af
https://git.kernel.org/stable/c/146cc288fb80c662c9c35e7bc58325d1ac0a7875
https://git.kernel.org/stable/c/a397cb4576fc2fc802562418b3a50b8f67d60d31
https://git.kernel.org/stable/c/b4ebf4a4692e84163a69444c70ad515de06e2259
https://git.kernel.org/stable/c/8adbbe6c86bb13e14f8a19e036ae5f4f5661fd90
https://git.kernel.org/stable/c/c08a6b31e4917034f0ed0cb457c3bb209576f542
Published: 2024-05-21T14:35:37.844Z
Last Modified: 2025-05-04T07:08:41.321Z
Copied to clipboard!