CVE-2021-47500

iio: mma8452: Fix trigger reference couting

Severity Score

7.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: iio: mma8452: Fix trigger reference couting The mma8452 driver directly assigns a trigger to the struct iio_dev. The
IIO core when done using this trigger will call `iio_trigger_put()` to drop
the reference count by 1. Without the matching `iio_trigger_get()` in the driver the reference count
can reach 0 too early, the trigger gets freed while still in use and a
use-after-free occurs. Fix this by getting a reference to the trigger before assigning it to the
IIO device.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iio: mma8452: corrección del cálculo de referencia del disparador El controlador mma8452 asigna directamente un disparador a la estructura iio_dev. El núcleo de IIO, cuando termine de usar este activador, llamará a `iio_trigger_put()` para reducir el recuento de referencias en 1. Sin el `iio_trigger_get()` coincidente en el controlador, el recuento de referencias puede llegar a 0 demasiado pronto, el activador se libera mientras aún está en se produce un uso y un use-after-free. Solucione este problema obteniendo una referencia al disparador antes de asignarlo al dispositivo IIO.

In the Linux kernel, the following vulnerability has been resolved: iio: mma8452: Fix trigger reference couting The mma8452 driver directly assigns a trigger to the struct iio_dev. The IIO core when done using this trigger will call `iio_trigger_put()` to drop the reference count by 1. Without the matching `iio_trigger_get()` in the driver the reference count can reach 0 too early, the trigger gets freed while still in use and a use-after-free occurs. Fix this by getting a reference to the trigger before assigning it to the IIO device.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-22 CVE Reserved
2024-05-24 CVE Published
2024-12-19 CVE Updated
2025-03-20 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/ae6d9ce05691bf79694074db7c7da980080548af	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/094d513b78b1714113bc016684b8142382e071ba	2021-12-14
https://git.kernel.org/stable/c/fb75cc4740d81264cd5bcb0e17d961d018a8be96	2021-12-14
https://git.kernel.org/stable/c/794c0898f6bf39a458655d5fb4af70ec43a5cfcb	2021-12-14
https://git.kernel.org/stable/c/f5deab10ced368c807866283f8b79144c4823be8	2021-12-14
https://git.kernel.org/stable/c/acf0088ac073ca6e7f4cad6acac112177e08df5e	2021-12-14
https://git.kernel.org/stable/c/db12d95085367de8b0223929d1332731024441f1	2021-12-14
https://git.kernel.org/stable/c/c43517071dfc9fce34f8f69dbb98a86017f6b739	2021-12-14
https://git.kernel.org/stable/c/cd0082235783f814241a1c9483fb89e405f4f892	2021-11-17

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 4.4.295 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4.295"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 4.9.293 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.9.293"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 4.14.258 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.14.258"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 4.19.221 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.19.221"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 5.4.165 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 5.4.165"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 5.10.85 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 5.10.85"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 5.15.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 5.15.8"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 5.16"		en		Affected