Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-46932

Опубликовано: 27 фев. 2024
Источник: redhat
CVSS3: 2.3
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens after input_register_device() call. So this patch moves dev->work initialization before registering input device

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelAffected
Red Hat Enterprise Linux 8kernel-rtAffected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=2266318kernel: Input: appletouch - initialize work before device registration

EPSS

Процентиль: 0%
0.00006
Низкий

2.3 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-46932

CVSS3: 5.5
ubuntu
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device

nvd логотип

CVE-2021-46932

CVSS3: 5.5
nvd
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device

debian логотип

CVE-2021-46932

CVSS3: 5.5
debian
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: I ...

github логотип

GHSA-7674-fj4m-c42f

CVSS3: 5.5
github
больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device

fstec логотип

BDU:2024-06348

CVSS3: 5.5
fstec
больше 3 лет назад

Уязвимость функции cancel_work_sync() в компоненте appletouch ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 0%
0.00006
Низкий

2.3 Low

CVSS3