How severe is CVE-2021-47143?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2021-47143?

This is classified as CWE-459, which is a common weakness in software security.

CVE-2021-47143 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: net/smc: remove device from smcd_dev_list after failed device_add() If the device_add() for a smcd_dev fails, there's no cleanup step that rolls back the earlier list_add(). The device subsequently gets freed, and we end up with a corrupted list. Add some error handling that removes the device from the list.

Related Vulnerabilities

CVE-2000-0552

MEDIUM

CVSS:5.5(Medium)

ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.

CWE-4592000

CVE-2002-0788

MEDIUM

CVSS:5.5(Medium)

An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to stro...

CWE-4592002

CVE-2005-2293

MEDIUM

CVSS:5.5(Medium)

Oracle Formsbuilder 9.0.4 stores database usernames and passwords in a temporary file, which is not deleted after it is used, which allows local users to obtain sensitive information.

CWE-4592005

CVE-2019-14115

MEDIUM

CVSS:5.5(Medium)

u'Information disclosure issue occurs as in current logic as secure touch is released without clearing the display session which can result in user reading the secure input while touch is in non-secur...

CWE-4592019

CVE-2019-5595

MEDIUM

CVSS:5.5(Medium)

In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially...

CWE-4592019

CVE-2020-0258

MEDIUM

CVSS:5.5(Medium)

In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup. This could lead to local information disclosure in the application that is started next with no additional execution privileges...

CWE-4592020