CVE-2021-37159

CVE-2021-37159

Name

CVE-2021-37159

Description

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
MISC	https://www.spinics.net/lists/linux-usb/msg202228.html
Third Party Advisory	https://security.netapp.com/advisory/ntap-20210819-0003/
MLIST	https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
Mailing List	https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
cve@mitre.org	https://bugzilla.suse.com/show_bug.cgi?id=1188601
cve@mitre.org	https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a6ecfb39ba9d7316057cea823b196b734f6b18ca
cve@mitre.org	https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dcb713d53e2eadf42b878c12a471e74dc6ed3145
Patch	https://www.oracle.com/security-alerts/cpujul2022.html

Type

URI

MISC

https://www.spinics.net/lists/linux-usb/msg202228.html

Third Party Advisory

https://security.netapp.com/advisory/ntap-20210819-0003/

MLIST

https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html

Mailing List

https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html

cve@mitre.org

https://bugzilla.suse.com/show_bug.cgi?id=1188601