CVE-2021-46966 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write(), buf is always freed when reaching the end of the function. If the requested count is less than table.length, the allocated buffer will be freed but subsequent calls to cm_write() will still try to access it. Remove the unconditional kfree(buf) at the end of the function and set the buf to NULL in the -EINVAL error path to match the rest of function.

PUBLISHED Reserved 2024-02-27 | Published 2024-02-27 | Updated 2025-05-04 | Assigner Linux

Product status

Default status

unaffected

4bda2b79a9d04c8ba31681c66e95877dbb433416 before 1d53ca5d131074c925ce38361fb0376d3bf7e394

affected

5c12dadcbef8cd55ef1f5dac799bfcbb7ea7db1d before 8b04d57f30caf76649d0567551589af9a66ca9be

affected

35b88a10535edcf62d3e6b7893a8cd506ff98a24 before 90575d1d9311b753cf1718f4ce9061ddda7dfd23

affected

e4467fb6ef547aa352dc03397f9474ec84eced5b before a5b26a2e362f572d87e9fd35435680e557052a17

affected

03d1571d9513369c17e6848476763ebbd10ec2cb before 72814a94c38a33239793f7622cec6ace1e540c4b

affected

03d1571d9513369c17e6848476763ebbd10ec2cb before 62dc2440ebb552aa0d7f635e1697e077d9d21203

affected

03d1571d9513369c17e6848476763ebbd10ec2cb before f16737caf41fc06cfe6e49048becb09657074d4b

affected

03d1571d9513369c17e6848476763ebbd10ec2cb before b7a5baaae212a686ceb812c32fceed79c03c0234

affected

03d1571d9513369c17e6848476763ebbd10ec2cb before e483bb9a991bdae29a0caa4b3a6d002c968f94aa

affected

70424999fbf1f160ade111cb9baab51776e0f9c2

affected

06cd4a06eb596a888239fb8ceb6ea15677cab396

affected

Default status

affected

5.4

affected

Any version before 5.4

unaffected

4.4.269

unaffected

4.9.269

unaffected

4.14.233

unaffected

4.19.191

unaffected

5.4.118

unaffected

5.10.36

unaffected

5.11.20

unaffected

5.12.3

unaffected

5.13

unaffected

References

git.kernel.org/...c/1d53ca5d131074c925ce38361fb0376d3bf7e394

git.kernel.org/...c/8b04d57f30caf76649d0567551589af9a66ca9be

git.kernel.org/...c/90575d1d9311b753cf1718f4ce9061ddda7dfd23

git.kernel.org/...c/a5b26a2e362f572d87e9fd35435680e557052a17

git.kernel.org/...c/72814a94c38a33239793f7622cec6ace1e540c4b

git.kernel.org/...c/62dc2440ebb552aa0d7f635e1697e077d9d21203

git.kernel.org/...c/f16737caf41fc06cfe6e49048becb09657074d4b

git.kernel.org/...c/b7a5baaae212a686ceb812c32fceed79c03c0234

git.kernel.org/...c/e483bb9a991bdae29a0caa4b3a6d002c968f94aa

cve.org (CVE-2021-46966)

nvd.nist.gov (CVE-2021-46966)

Download JSON