CVE-2021-29266

Name
CVE-2021-29266
Description
An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Release Notes https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.9
Patch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f6bbf0010ba004f5e90c7aefdebc0ee4bd3283b9
Third Party Advisory https://security.netapp.com/advisory/ntap-20210513-0005/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* linux_kernel >= None < 5.11.9

Vulnerable and fixed packages

Source package Branch Version Maintainer Status