{"id":"CVE-2021-37159","details":"hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.","aliases":["A-195082947","PUB-A-195082947"],"modified":"2026-03-15T22:41:14.437606Z","published":"2021-07-21T15:16:20.777Z","related":["ALSA-2022:1988","SUSE-SU-2021:14849-1","SUSE-SU-2021:3675-1","SUSE-SU-2021:3723-1","SUSE-SU-2021:3748-1","SUSE-SU-2021:3806-1","SUSE-SU-2021:3807-1","SUSE-SU-2021:3848-1","SUSE-SU-2021:3876-1","SUSE-SU-2021:3929-1","SUSE-SU-2021:3933-1","SUSE-SU-2021:3935-1","SUSE-SU-2021:3969-1","SUSE-SU-2021:3972-1","SUSE-SU-2021:3978-1","SUSE-SU-2025:0834-1","openSUSE-SU-2021:1501-1","openSUSE-SU-2021:3675-1","openSUSE-SU-2021:3806-1","openSUSE-SU-2021:3876-1"],"references":[{"type":"WEB","url":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a6ecfb39ba9d7316057cea823b196b734f6b18ca"},{"type":"WEB","url":"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dcb713d53e2eadf42b878c12a471e74dc6ed3145"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210819-0003/"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1188601"},{"type":"FIX","url":"https://www.oracle.com/security-alerts/cpujul2022.html"},{"type":"FIX","url":"https://www.spinics.net/lists/linux-usb/msg202228.html"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"5.13.4"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.3"}]},{"events":[{"introduced":"0"},{"last_affected":"22.1.1"}]},{"events":[{"introduced":"0"},{"last_affected":"22.2.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37159.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}