{"id":"CVE-2021-47334","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmisc/libmasm/module: Fix two use after free in ibmasm_init_one\n\nIn ibmasm_init_one, it calls ibmasm_init_remote_input_dev().\nInside ibmasm_init_remote_input_dev, mouse_dev and keybd_dev are\nallocated by input_allocate_device(), and assigned to\nsp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev respectively.\n\nIn the err_free_devices error branch of ibmasm_init_one,\nmouse_dev and keybd_dev are freed by input_free_device(), and return\nerror. Then the execution runs into error_send_message error branch\nof ibmasm_init_one, where ibmasm_free_remote_input_dev(sp) is called\nto unregister the freed sp-\u003eremote.mouse_dev and sp-\u003eremote.keybd_dev.\n\nMy patch add a \"error_init_remote\" label to handle the error of\nibmasm_init_remote_input_dev(), to avoid the uaf bugs.","modified":"2026-03-15T22:00:21.094064Z","published":"2024-05-21T15:15:20.273Z","related":["SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2010-1","SUSE-SU-2024:2183-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2185-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/1512e7dc5eb08b7d92a12e2bfcd9cb8c4a1ec069"},{"type":"FIX","url":"https://git.kernel.org/stable/c/29ba8e2ba89ee2862a26d91204dd5fe77ceee25a"},{"type":"FIX","url":"https://git.kernel.org/stable/c/38660031e80eaa6cc9370b031c180612f414b00d"},{"type":"FIX","url":"https://git.kernel.org/stable/c/481a76d4749ee3a27f902ba213fdcbb4bb39720e"},{"type":"FIX","url":"https://git.kernel.org/stable/c/5b06ca113bf197aab2ab61288f42506e0049fbab"},{"type":"FIX","url":"https://git.kernel.org/stable/c/7272b591c4cb9327c43443f67b8fbae7657dd9ae"},{"type":"FIX","url":"https://git.kernel.org/stable/c/a7268e8a227d5a4f0bd1584f556246b0224ab274"},{"type":"FIX","url":"https://git.kernel.org/stable/c/b9c87ce3bc6331f82811a8cf8e930423c22523a3"},{"type":"FIX","url":"https://git.kernel.org/stable/c/ef1067d2baa847d53c9988510d99fb494de4d12c"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.4.276"}]},{"events":[{"introduced":"4.5"},{"fixed":"4.9.276"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.240"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.198"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.134"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.52"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.12.19"}]},{"events":[{"introduced":"5.13"},{"fixed":"5.13.4"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47334.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}