CVE-2021-46979 (GCVE-0-2021-46979)

Vulnerability from cvelistv5 – Published: 2024-02-28 08:13 – Updated: 2026-05-11 13:45
VLAI
Title
iio: core: fix ioctl handlers removal
Summary
In the Linux kernel, the following vulnerability has been resolved: iio: core: fix ioctl handlers removal Currently ioctl handlers are removed twice. For the first time during iio_device_unregister() then later on inside iio_device_unregister_eventset() and iio_buffers_free_sysfs_and_mask(). Double free leads to kernel panic. Fix this by not touching ioctl handlers list directly but rather letting code responsible for registration call the matching cleanup routine itself.
Severity
No CVSS data available.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
Impacted products
Vendor Product Version
Linux Linux Affected: 8dedcc3eee3aceb37832176f0a1b03d5687acda3 , < 11e1cae5da4096552f7c091476cbadbc0d1817da (git)
Affected: 8dedcc3eee3aceb37832176f0a1b03d5687acda3 , < ab6c935ba3a04317632f3b8b68675bdbaf395303 (git)
Affected: 8dedcc3eee3aceb37832176f0a1b03d5687acda3 , < 901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a (git)
Create a notification for this product.
Linux Linux Affected: 5.11
Unaffected: 0 , < 5.11 (semver)
Unaffected: 5.11.22 , ≤ 5.11.* (semver)
Unaffected: 5.12.5 , ≤ 5.12.* (semver)
Unaffected: 5.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-46979",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-05T16:50:41.718465Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:13:09.338Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T05:24:38.457Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/industrialio-core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "11e1cae5da4096552f7c091476cbadbc0d1817da",
              "status": "affected",
              "version": "8dedcc3eee3aceb37832176f0a1b03d5687acda3",
              "versionType": "git"
            },
            {
              "lessThan": "ab6c935ba3a04317632f3b8b68675bdbaf395303",
              "status": "affected",
              "version": "8dedcc3eee3aceb37832176f0a1b03d5687acda3",
              "versionType": "git"
            },
            {
              "lessThan": "901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a",
              "status": "affected",
              "version": "8dedcc3eee3aceb37832176f0a1b03d5687acda3",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/iio/industrialio-core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.5",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.22",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.5",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.11",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niio: core: fix ioctl handlers removal\n\nCurrently ioctl handlers are removed twice. For the first time during\niio_device_unregister() then later on inside\niio_device_unregister_eventset() and iio_buffers_free_sysfs_and_mask().\nDouble free leads to kernel panic.\n\nFix this by not touching ioctl handlers list directly but rather\nletting code responsible for registration call the matching cleanup\nroutine itself."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T13:45:36.561Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da"
        },
        {
          "url": "https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303"
        },
        {
          "url": "https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a"
        }
      ],
      "title": "iio: core: fix ioctl handlers removal",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2021-46979",
    "datePublished": "2024-02-28T08:13:09.736Z",
    "dateReserved": "2024-02-27T18:42:55.945Z",
    "dateUpdated": "2026-05-11T13:45:36.561Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2021-46979",
      "date": "2026-07-18",
      "epss": "0.00222",
      "percentile": "0.12697"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.11\", \"versionEndExcluding\": \"5.11.22\", \"matchCriteriaId\": \"83B53E9A-F426-4C03-9A5F-A931FF79827E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.12\", \"versionEndExcluding\": \"5.12.5\", \"matchCriteriaId\": \"0274929A-B36C-4F4C-AB22-30A0DD6B995B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\niio: core: fix ioctl handlers removal\\n\\nCurrently ioctl handlers are removed twice. For the first time during\\niio_device_unregister() then later on inside\\niio_device_unregister_eventset() and iio_buffers_free_sysfs_and_mask().\\nDouble free leads to kernel panic.\\n\\nFix this by not touching ioctl handlers list directly but rather\\nletting code responsible for registration call the matching cleanup\\nroutine itself.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: core: arreglar la eliminaci\\u00f3n de los controladores ioctl Actualmente, los controladores ioctl se eliminan dos veces. Por primera vez durante iio_device_unregister() y luego dentro de iio_device_unregister_eventset() y iio_buffers_free_sysfs_and_mask(). La doble liberaci\\u00f3n conduce al p\\u00e1nico en el kernel. Para solucionar este problema, no toque directamente la lista de controladores ioctl, sino que permita que el c\\u00f3digo responsable del registro llame a la rutina de limpieza coincidente.\"}]",
      "id": "CVE-2021-46979",
      "lastModified": "2024-12-31T16:02:49.137",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-02-28T09:15:37.230",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-415\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-46979\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-28T09:15:37.230\",\"lastModified\":\"2026-06-17T04:16:03.583\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\niio: core: fix ioctl handlers removal\\n\\nCurrently ioctl handlers are removed twice. For the first time during\\niio_device_unregister() then later on inside\\niio_device_unregister_eventset() and iio_buffers_free_sysfs_and_mask().\\nDouble free leads to kernel panic.\\n\\nFix this by not touching ioctl handlers list directly but rather\\nletting code responsible for registration call the matching cleanup\\nroutine itself.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: core: arreglar la eliminaci\u00f3n de los controladores ioctl Actualmente, los controladores ioctl se eliminan dos veces. Por primera vez durante iio_device_unregister() y luego dentro de iio_device_unregister_eventset() y iio_buffers_free_sysfs_and_mask(). La doble liberaci\u00f3n conduce al p\u00e1nico en el kernel. Para solucionar este problema, no toque directamente la lista de controladores ioctl, sino que permita que el c\u00f3digo responsable del registro llame a la rutina de limpieza coincidente.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"drivers/iio/industrialio-core.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"8dedcc3eee3aceb37832176f0a1b03d5687acda3\",\"lessThan\":\"11e1cae5da4096552f7c091476cbadbc0d1817da\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"8dedcc3eee3aceb37832176f0a1b03d5687acda3\",\"lessThan\":\"ab6c935ba3a04317632f3b8b68675bdbaf395303\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"8dedcc3eee3aceb37832176f0a1b03d5687acda3\",\"lessThan\":\"901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"drivers/iio/industrialio-core.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"5.11\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"5.11\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.11.22\",\"lessThanOrEqual\":\"5.11.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.12.5\",\"lessThanOrEqual\":\"5.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"5.13\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-03-05T16:50:41.718465Z\",\"id\":\"CVE-2021-46979\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.11.22\",\"matchCriteriaId\":\"83B53E9A-F426-4C03-9A5F-A931FF79827E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12\",\"versionEndExcluding\":\"5.12.5\",\"matchCriteriaId\":\"0274929A-B36C-4F4C-AB22-30A0DD6B995B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CBAD0FC-C281-4666-AB2F-F8E6E1165DF7\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "redhat_vex": {
      "aggregate_severity": "Low",
      "current_release_date": "2025-11-21T14:09:43+00:00",
      "cve": "CVE-2021-46979",
      "id": "CVE-2021-46979",
      "initial_release_date": "2021-01-01T00:00:00+00:00",
      "product_status:known_affected": "42",
      "product_status:known_not_affected": "156",
      "source": "Red Hat CSAF VEX",
      "status": "final",
      "title": "kernel: iio: core: fix ioctl handlers removal",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2021/cve-2021-46979.json",
      "version": "3"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T05:24:38.457Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-46979\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-05T16:50:41.718465Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:15.426Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"iio: core: fix ioctl handlers removal\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"8dedcc3eee3aceb37832176f0a1b03d5687acda3\", \"lessThan\": \"11e1cae5da4096552f7c091476cbadbc0d1817da\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"8dedcc3eee3aceb37832176f0a1b03d5687acda3\", \"lessThan\": \"ab6c935ba3a04317632f3b8b68675bdbaf395303\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"8dedcc3eee3aceb37832176f0a1b03d5687acda3\", \"lessThan\": \"901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/iio/industrialio-core.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.11\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.11\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.11.22\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.11.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.5\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/iio/industrialio-core.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da\"}, {\"url\": \"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303\"}, {\"url\": \"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\niio: core: fix ioctl handlers removal\\n\\nCurrently ioctl handlers are removed twice. For the first time during\\niio_device_unregister() then later on inside\\niio_device_unregister_eventset() and iio_buffers_free_sysfs_and_mask().\\nDouble free leads to kernel panic.\\n\\nFix this by not touching ioctl handlers list directly but rather\\nletting code responsible for registration call the matching cleanup\\nroutine itself.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.11.22\", \"versionStartIncluding\": \"5.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.5\", \"versionStartIncluding\": \"5.11\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13\", \"versionStartIncluding\": \"5.11\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T07:01:38.591Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-46979\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T07:01:38.591Z\", \"dateReserved\": \"2024-02-27T18:42:55.945Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-02-28T08:13:09.736Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…