CVE-2021-47571

staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect()

The free_rtllib() function frees the "dev" pointer so there is use
after free on the next line. Re-arrange things to avoid that.

En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: staging: rtl8192e: Corrige el use after free en _rtl92e_pci_disconnect() La función free_rtllib() libera el puntero "dev" para que haya use after free en la siguiente línea. Reorganice las cosas para evitar eso.

*Credits: N/A

CVSS Scores

NISTv3.1 7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-24 CVE Reserved
2024-05-24 CVE Published
2024-06-11 EPSS Updated
2024-08-04 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-416: Use After Free

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/66898177e7e5486dc77a4ba742efa4e2e9e900a4	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/d43aecb694b10db9a4228ce2d38b5ae8de374443	2021-12-08
https://git.kernel.org/stable/c/9186680382934b0e7529d3d70dcc0a21d087683b	2021-12-08
https://git.kernel.org/stable/c/c0ef0e75a858cbd8618b473f22fbca36106dcf82	2021-12-08
https://git.kernel.org/stable/c/bca19bb2dc2d89ce60c4a4a6e59609d4cf2e13ef	2021-12-01
https://git.kernel.org/stable/c/2e1ec01af2c7139c6a600bbfaea1a018b35094b6	2021-12-01
https://git.kernel.org/stable/c/8d0163cec7de995f9eb9c3128c83fb84f0cb1c64	2021-12-01
https://git.kernel.org/stable/c/e27ee2f607fe6a9b923ef1fc65461c0613c97594	2021-12-01
https://git.kernel.org/stable/c/b535917c51acc97fb0761b1edec85f1f3d02bda4	2021-11-17

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 4.4.294 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 4.4.294"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 4.9.292 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 4.9.292"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 4.14.257 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 4.14.257"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 4.19.219 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 4.19.219"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.4.163 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.4.163"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.10.83 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.10.83"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.15.6 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.15.6"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.2 < 5.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.2 < 5.16"		en		Affected