CVE-2021-47194

HIGH Year: 2021
CVSS v3 Score
7.8
High
Weakness Type
CWE-665
View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the userspace tools switch from NL80211_IFTYPE_P2P_GO to NL80211_IFTYPE_ADHOC via send_msg(NL80211_CMD_SET_INTERFACE), it does not call the cleanup cfg80211_stop_ap(), this leads to the initialization of in-use data. For example, this path re-init the sdata->assigned_chanctx_list while it is still an element of assigned_vifs list, and makes that linked list corrupt.

Related Vulnerabilities

CVE-2007-3749

HIGH
CVSS:7.8(High)

The kernel in Apple Mac OS X 10.4 through 10.4.10 does not reset the current Mach Thread Port or Thread Exception Port when executing a setuid program, which allows local users to execute arbitrary co...

CWE-6652007

CVE-2014-9942

HIGH
CVSS:7.8(High)

In Boot in all Android releases from CAF using the Linux kernel, a Use of Uninitialized Variable vulnerability could potentially exist.

CWE-6652014

CVE-2017-0723

HIGH
CVSS:7.8(High)

A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37968755.

CWE-6652017

CVE-2017-0745

HIGH
CVSS:7.8(High)

A remote code execution vulnerability in the Android media framework (avc decoder). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37079296.

CWE-6652017

CVE-2017-13153

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability in the Android media framework (libaudioservice). Product: Android. Versions: 8.0. Android ID A-65280854.

CWE-6652017

CVE-2017-14102

HIGH
CVSS:7.8(High)

MIMEDefang 2.80 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account ...

CWE-6652017