{"id":"CVE-2021-47361","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmcb: fix error handling in mcb_alloc_bus()\n\nThere are two bugs:\n1) If ida_simple_get() fails then this code calls put_device(carrier)\n   but we haven't yet called get_device(carrier) and probably that\n   leads to a use after free.\n2) After device_initialize() then we need to use put_device() to\n   release the bus.  This will free the internal resources tied to the\n   device and call mcb_free_bus() which will free the rest.","modified":"2026-03-15T22:43:11.962584Z","published":"2024-05-21T15:15:22.283Z","related":["SUSE-SU-2024:1979-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2011-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2189-1","SUSE-SU-2024:2190-1"],"references":[{"type":"FIX","url":"https://git.kernel.org/stable/c/9fc198f415dee070a1de957bb5bf5921d8df3499"},{"type":"FIX","url":"https://git.kernel.org/stable/c/115b07d9f47e3996430b8f2007edd9768e1f807f"},{"type":"FIX","url":"https://git.kernel.org/stable/c/25a1433216489de4abc889910f744e952cb6dbae"},{"type":"FIX","url":"https://git.kernel.org/stable/c/66f74ba9be9daf9c47fface6af3677f602774f6b"},{"type":"FIX","url":"https://git.kernel.org/stable/c/7751f609eadf36b1f53712bae430019c53a16eb0"},{"type":"FIX","url":"https://git.kernel.org/stable/c/8a558261fa57a6deefb0925ab1829f698b194aea"},{"type":"FIX","url":"https://git.kernel.org/stable/c/91e4ad05bf18322b5921d1a6c9b603f6eb1694f0"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.7"},{"fixed":"4.9.285"}]},{"events":[{"introduced":"4.10"},{"fixed":"4.14.249"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.209"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.4.150"}]},{"events":[{"introduced":"5.5"},{"fixed":"5.10.70"}]},{"events":[{"introduced":"5.11"},{"fixed":"5.14.9"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.15-rc2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47361.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}