CVE-2021-46979

MEDIUM Year: 2021
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-415
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: iio: core: fix ioctl handlers removal Currently ioctl handlers are removed twice. For the first time during iio_device_unregister() then later on inside iio_device_unregister_eventset() and iio_buffers_free_sysfs_and_mask(). Double free leads to kernel panic. Fix this by not touching ioctl handlers list directly but rather letting code responsible for registration call the matching cleanup routine itself.

Related Vulnerabilities

CVE-2014-9807

MEDIUM
CVSS:5.5(Medium)

The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors.

CWE-4152014

CVE-2015-5203

MEDIUM
CVSS:5.5(Medium)

Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.

CWE-4152015

CVE-2015-8894

MEDIUM
CVSS:5.5(Medium)

Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to cause a denial of service (application crash) via a crafted tga file.

CWE-4152015

CVE-2017-15330

MEDIUM
CVSS:5.5(Medium)

The Flp Driver in some Huawei smartphones of the software Vicky-AL00AC00B124D, Vicky-AL00AC00B157D, Vicky-AL00AC00B167 has a double free vulnerability. An attacker can trick a user to install a malici...

CWE-4152017

CVE-2017-15364

MEDIUM
CVSS:5.5(Medium)

The foreach function in ext/ccsv.c in Ccsv 1.1.0 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact via a crafted file. ...

CWE-4152017

CVE-2017-6353

MEDIUM
CVSS:5.5(Medium)

net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (inval...

CWE-4152017