vulnerability

Debian: CVE-2021-47356: linux -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:N/I:C/A:C)	May 21, 2024	Jul 30, 2024	Mar 30, 2026

Severity

CVSS

(AV:L/AC:L/Au:N/C:N/I:C/A:C)

Published

May 21, 2024

Added

Jul 30, 2024

Modified

Mar 30, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

mISDN: fix possible use-after-free in HFC_cleanup()

This module's remove path calls del_timer(). However, that function
does not wait until the timer handler finishes. This means that the
timer handler may still be running after the driver's remove function
has finished, which would result in a use-after-free.

Fix by calling del_timer_sync(), which makes sure the timer handler
has finished, and unable to re-schedule itself.

Solution

debian-upgrade-linux

References

CVE-2021-47356
https://attackerkb.com/topics/CVE-2021-47356
CWE-416
EUVD-EUVD-2021-34361
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-34361

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report