Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-47323

Summary
Assigner-Linux
Assigner Org ID-416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At-21 May, 2024 | 14:35
Updated At-04 May, 2025 | 07:08
Rejected At-
Credits

watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()

In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Linux
Assigner Org ID:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:21 May, 2024 | 14:35
Updated At:04 May, 2025 | 07:08
Rejected At:
▼CVE Numbering Authority (CNA)
watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff()

In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.

Affected Products
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/watchdog/sc520_wdt.c
Default Status
unaffected
Versions
Affected
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 0015581a79bbf8e521f85dddb7d3e4a66b9f51d4 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b4565a8a2d6bffb05bfbec11399d261ec16fe373 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 2aef07017fae21c3d8acea9656b10e3b9c0f1e04 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 522e75ed63f67e815d4ec0deace67df22d9ce78e (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 7c56c5508dc20a6b133bc669fc34327a6711c24c (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566 (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before f0feab82f6a0323f54d85e8b512a2be64f83648a (git)
  • From 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 90b7c141132244e8e49a34a4c1e445cce33e07f4 (git)
Vendor
Linux Kernel Organization, IncLinux
Product
Linux
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Program Files
  • drivers/watchdog/sc520_wdt.c
Default Status
affected
Versions
Unaffected
  • From 4.4.276 through 4.4.* (semver)
  • From 4.9.276 through 4.9.* (semver)
  • From 4.14.240 through 4.14.* (semver)
  • From 4.19.198 through 4.19.* (semver)
  • From 5.4.134 through 5.4.* (semver)
  • From 5.10.52 through 5.10.* (semver)
  • From 5.12.19 through 5.12.* (semver)
  • From 5.13.4 through 5.13.* (semver)
  • From 5.14 through * (original_commit_for_fix)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/0015581a79bbf8e521f85dddb7d3e4a66b9f51d4
N/A
https://git.kernel.org/stable/c/b4565a8a2d6bffb05bfbec11399d261ec16fe373
N/A
https://git.kernel.org/stable/c/2aef07017fae21c3d8acea9656b10e3b9c0f1e04
N/A
https://git.kernel.org/stable/c/522e75ed63f67e815d4ec0deace67df22d9ce78e
N/A
https://git.kernel.org/stable/c/7c56c5508dc20a6b133bc669fc34327a6711c24c
N/A
https://git.kernel.org/stable/c/a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566
N/A
https://git.kernel.org/stable/c/b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d
N/A
https://git.kernel.org/stable/c/f0feab82f6a0323f54d85e8b512a2be64f83648a
N/A
https://git.kernel.org/stable/c/90b7c141132244e8e49a34a4c1e445cce33e07f4
N/A
Hyperlink: https://git.kernel.org/stable/c/0015581a79bbf8e521f85dddb7d3e4a66b9f51d4
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/b4565a8a2d6bffb05bfbec11399d261ec16fe373
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/2aef07017fae21c3d8acea9656b10e3b9c0f1e04
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/522e75ed63f67e815d4ec0deace67df22d9ce78e
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/7c56c5508dc20a6b133bc669fc34327a6711c24c
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f0feab82f6a0323f54d85e8b512a2be64f83648a
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/90b7c141132244e8e49a34a4c1e445cce33e07f4
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Linux Kernel Organization, Inclinux
Product
linux_kernel
CPEs
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Default Status
affected
Versions
Affected
  • From 1da177e4c3f4 before 0015581a79bb (git)
  • From 1da177e4c3f4 before b4565a8a2d6b (git)
  • From 1da177e4c3f4 before 2aef07017fae (git)
  • From 1da177e4c3f4 before 522e75ed63f6 (git)
  • From 1da177e4c3f4 before 7c56c5508dc2 (git)
  • From 1da177e4c3f4 before a173e3b62cf6 (git)
  • From 1da177e4c3f4 before b3c41ea5bc34 (git)
  • From 1da177e4c3f4 before f0feab82f6a0 (git)
  • From 1da177e4c3f4 before 90b7c1411322 (git)
Unaffected
  • From 4.4.276 before 4.5 (semver)
  • From 4.9.276 before 4.10 (semver)
  • From 4.14.240 before 4.15 (semver)
  • From 4.19.198 before 4.20 (semver)
  • From 5.10.52 before 5.11 (semver)
  • From 5.12.19 before 5.13 (semver)
  • From 5.13.4 before 5.14 (semver)
  • From 5.14 through * (semver)
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://git.kernel.org/stable/c/0015581a79bbf8e521f85dddb7d3e4a66b9f51d4
x_transferred
https://git.kernel.org/stable/c/b4565a8a2d6bffb05bfbec11399d261ec16fe373
x_transferred
https://git.kernel.org/stable/c/2aef07017fae21c3d8acea9656b10e3b9c0f1e04
x_transferred
https://git.kernel.org/stable/c/522e75ed63f67e815d4ec0deace67df22d9ce78e
x_transferred
https://git.kernel.org/stable/c/7c56c5508dc20a6b133bc669fc34327a6711c24c
x_transferred
https://git.kernel.org/stable/c/a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566
x_transferred
https://git.kernel.org/stable/c/b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d
x_transferred
https://git.kernel.org/stable/c/f0feab82f6a0323f54d85e8b512a2be64f83648a
x_transferred
https://git.kernel.org/stable/c/90b7c141132244e8e49a34a4c1e445cce33e07f4
x_transferred
Hyperlink: https://git.kernel.org/stable/c/0015581a79bbf8e521f85dddb7d3e4a66b9f51d4
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/b4565a8a2d6bffb05bfbec11399d261ec16fe373
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/2aef07017fae21c3d8acea9656b10e3b9c0f1e04
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/522e75ed63f67e815d4ec0deace67df22d9ce78e
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/7c56c5508dc20a6b133bc669fc34327a6711c24c
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/f0feab82f6a0323f54d85e8b512a2be64f83648a
Resource:
x_transferred
Hyperlink: https://git.kernel.org/stable/c/90b7c141132244e8e49a34a4c1e445cce33e07f4
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:416baaa9-dc9f-4396-8d5f-8c081fb06d67
Published At:21 May, 2024 | 15:15
Updated At:21 May, 2024 | 16:54

In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This module's remove path calls del_timer(). However, that function does not wait until the timer handler finishes. This means that the timer handler may still be running after the driver's remove function has finished, which would result in a use-after-free. Fix by calling del_timer_sync(), which makes sure the timer handler has finished, and unable to re-schedule itself.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
CPE Matches
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://git.kernel.org/stable/c/0015581a79bbf8e521f85dddb7d3e4a66b9f51d4416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/2aef07017fae21c3d8acea9656b10e3b9c0f1e04416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/522e75ed63f67e815d4ec0deace67df22d9ce78e416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/7c56c5508dc20a6b133bc669fc34327a6711c24c416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/90b7c141132244e8e49a34a4c1e445cce33e07f4416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/b4565a8a2d6bffb05bfbec11399d261ec16fe373416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
https://git.kernel.org/stable/c/f0feab82f6a0323f54d85e8b512a2be64f83648a416baaa9-dc9f-4396-8d5f-8c081fb06d67
N/A
Hyperlink: https://git.kernel.org/stable/c/0015581a79bbf8e521f85dddb7d3e4a66b9f51d4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/2aef07017fae21c3d8acea9656b10e3b9c0f1e04
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/522e75ed63f67e815d4ec0deace67df22d9ce78e
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/7c56c5508dc20a6b133bc669fc34327a6711c24c
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/90b7c141132244e8e49a34a4c1e445cce33e07f4
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/a173e3b62cf6dd3c4a0a10c8a82eedfcae81a566
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/b3c41ea5bc34d8c7b19e230d80e0e555c6f5057d
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/b4565a8a2d6bffb05bfbec11399d261ec16fe373
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A
Hyperlink: https://git.kernel.org/stable/c/f0feab82f6a0323f54d85e8b512a2be64f83648a
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1299Records found
Details not found