How severe is CVE-2021-47281?

This vulnerability has a severity rating of HIGH with a CVSS score of 7 out of 10.

What type of vulnerability is CVE-2021-47281?

This is classified as CWE-416, which is a common weakness in software security.

CVE-2021-47281 - HIGH Severity | CVSS 7

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of snd_seq_timer_open() The timer instance per queue is exclusive, and snd_seq_timer_open() should have managed the concurrent accesses. It looks as if it's checking the already existing timer instance at the beginning, but it's not right, because there is no protection, hence any later concurrent call of snd_seq_timer_open() may override the timer instance easily. This may result in UAF, as the leftover timer instance can keep running while the queue itself gets closed, as spotted by syzkaller recently. For avoiding the race, add a proper check at the assignment of tmr->timeri again, and return -EBUSY if it's been already registered.

Related Vulnerabilities

CVE-2014-9940

HIGH

CVSS:7.0(High)

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted appli...

CWE-4162014

CVE-2016-10088

HIGH

CVSS:7.0(High)

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrar...

CWE-4162016

CVE-2017-10661

HIGH

CVSS:7.0(High)

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descripto...

CWE-4162017

CVE-2017-17053

HIGH

CVSS:7.0(High)

The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table allocation when forking a new process, allowing a...

CWE-4162017

CVE-2017-18153

HIGH

CVSS:7.0(High)

A race condition exists in a driver potentially leading to a use-after-free condition.

CWE-4162017

CVE-2017-18202

HIGH

CVSS:7.0(High)

The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) ...

CWE-4162017