CVE-2021-46966

Description

In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write(), buf is always freed when reaching the end of the function. If the requested count is less than table.length, the allocated buffer will be freed but subsequent calls to cm_write() will still try to access it. Remove the unconditional kfree(buf) at the end of the function and set the buf to NULL in the -EINVAL error path to match the rest of function.

Reserved 2024-02-27 | Published 2024-02-27 | Updated 2024-12-19 | Assigner Linux

Product status

Default status
unaffected

4bda2b79a9d04c8ba31681c66e95877dbb433416 before 1d53ca5d131074c925ce38361fb0376d3bf7e394
affected

5c12dadcbef8cd55ef1f5dac799bfcbb7ea7db1d before 8b04d57f30caf76649d0567551589af9a66ca9be
affected

35b88a10535edcf62d3e6b7893a8cd506ff98a24 before 90575d1d9311b753cf1718f4ce9061ddda7dfd23
affected

e4467fb6ef547aa352dc03397f9474ec84eced5b before a5b26a2e362f572d87e9fd35435680e557052a17
affected

03d1571d9513369c17e6848476763ebbd10ec2cb before 72814a94c38a33239793f7622cec6ace1e540c4b
affected

03d1571d9513369c17e6848476763ebbd10ec2cb before 62dc2440ebb552aa0d7f635e1697e077d9d21203
affected

03d1571d9513369c17e6848476763ebbd10ec2cb before f16737caf41fc06cfe6e49048becb09657074d4b
affected

03d1571d9513369c17e6848476763ebbd10ec2cb before b7a5baaae212a686ceb812c32fceed79c03c0234
affected

03d1571d9513369c17e6848476763ebbd10ec2cb before e483bb9a991bdae29a0caa4b3a6d002c968f94aa
affected

Default status
affected

5.4
affected

Any version before 5.4
unaffected

4.4.269
unaffected

4.9.269
unaffected

4.14.233
unaffected

4.19.191
unaffected

5.4.118
unaffected

5.10.36
unaffected

5.11.20
unaffected

5.12.3
unaffected

5.13
unaffected

References

git.kernel.org/...c/1d53ca5d131074c925ce38361fb0376d3bf7e394

git.kernel.org/...c/8b04d57f30caf76649d0567551589af9a66ca9be

git.kernel.org/...c/90575d1d9311b753cf1718f4ce9061ddda7dfd23

git.kernel.org/...c/a5b26a2e362f572d87e9fd35435680e557052a17

git.kernel.org/...c/72814a94c38a33239793f7622cec6ace1e540c4b

git.kernel.org/...c/62dc2440ebb552aa0d7f635e1697e077d9d21203

git.kernel.org/...c/f16737caf41fc06cfe6e49048becb09657074d4b

git.kernel.org/...c/b7a5baaae212a686ceb812c32fceed79c03c0234

git.kernel.org/...c/e483bb9a991bdae29a0caa4b3a6d002c968f94aa

cve.org (CVE-2021-46966)

nvd.nist.gov (CVE-2021-46966)

Download JSON