CVE-2021-47456

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-47456
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-47456.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-47456
Downstream
Related
Published
2024-05-22T07:15:10Z
Modified
2025-08-09T20:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

can: peakpci: peakpci_remove(): fix UAF

When remove the module peek_pci, referencing 'chan' again after releasing 'dev' will cause UAF.

Fix this by releasing 'dev' later.

The following log reveals it:

[ 35.961814 ] BUG: KASAN: use-after-free in peakpciremove+0x16f/0x270 [peakpci] [ 35.963414 ] Read of size 8 at addr ffff888136998ee8 by task modprobe/5537 [ 35.965513 ] Call Trace: [ 35.965718 ] dumpstacklvl+0xa8/0xd1 [ 35.966028 ] printaddressdescription+0x87/0x3b0 [ 35.966420 ] kasanreport+0x172/0x1c0 [ 35.966725 ] ? peakpciremove+0x16f/0x270 [peakpci] [ 35.967137 ] ? traceirqenablercuidle+0x10/0x170 [ 35.967529 ] ? peakpciremove+0x16f/0x270 [peakpci] [ 35.967945 ] _asanreportload8noabort+0x14/0x20 [ 35.968346 ] peakpciremove+0x16f/0x270 [peakpci] [ 35.968752 ] pcideviceremove+0xa9/0x250

References

Affected packages