{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-46966","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-27T18:42:55.943Z","datePublished":"2024-02-27T18:47:03.631Z","dateUpdated":"2025-05-04T12:40:40.314Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T12:40:40.314Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: custom_method: fix potential use-after-free issue\n\nIn cm_write(), buf is always freed when reaching the end of the\nfunction.  If the requested count is less than table.length, the\nallocated buffer will be freed but subsequent calls to cm_write() will\nstill try to access it.\n\nRemove the unconditional kfree(buf) at the end of the function and\nset the buf to NULL in the -EINVAL error path to match the rest of\nfunction."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/acpi/custom_method.c"],"versions":[{"version":"4bda2b79a9d04c8ba31681c66e95877dbb433416","lessThan":"1d53ca5d131074c925ce38361fb0376d3bf7e394","status":"affected","versionType":"git"},{"version":"5c12dadcbef8cd55ef1f5dac799bfcbb7ea7db1d","lessThan":"8b04d57f30caf76649d0567551589af9a66ca9be","status":"affected","versionType":"git"},{"version":"35b88a10535edcf62d3e6b7893a8cd506ff98a24","lessThan":"90575d1d9311b753cf1718f4ce9061ddda7dfd23","status":"affected","versionType":"git"},{"version":"e4467fb6ef547aa352dc03397f9474ec84eced5b","lessThan":"a5b26a2e362f572d87e9fd35435680e557052a17","status":"affected","versionType":"git"},{"version":"03d1571d9513369c17e6848476763ebbd10ec2cb","lessThan":"72814a94c38a33239793f7622cec6ace1e540c4b","status":"affected","versionType":"git"},{"version":"03d1571d9513369c17e6848476763ebbd10ec2cb","lessThan":"62dc2440ebb552aa0d7f635e1697e077d9d21203","status":"affected","versionType":"git"},{"version":"03d1571d9513369c17e6848476763ebbd10ec2cb","lessThan":"f16737caf41fc06cfe6e49048becb09657074d4b","status":"affected","versionType":"git"},{"version":"03d1571d9513369c17e6848476763ebbd10ec2cb","lessThan":"b7a5baaae212a686ceb812c32fceed79c03c0234","status":"affected","versionType":"git"},{"version":"03d1571d9513369c17e6848476763ebbd10ec2cb","lessThan":"e483bb9a991bdae29a0caa4b3a6d002c968f94aa","status":"affected","versionType":"git"},{"version":"70424999fbf1f160ade111cb9baab51776e0f9c2","status":"affected","versionType":"git"},{"version":"06cd4a06eb596a888239fb8ceb6ea15677cab396","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/acpi/custom_method.c"],"versions":[{"version":"5.4","status":"affected"},{"version":"0","lessThan":"5.4","status":"unaffected","versionType":"semver"},{"version":"4.4.269","lessThanOrEqual":"4.4.*","status":"unaffected","versionType":"semver"},{"version":"4.9.269","lessThanOrEqual":"4.9.*","status":"unaffected","versionType":"semver"},{"version":"4.14.233","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.191","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.118","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.36","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.11.20","lessThanOrEqual":"5.11.*","status":"unaffected","versionType":"semver"},{"version":"5.12.3","lessThanOrEqual":"5.12.*","status":"unaffected","versionType":"semver"},{"version":"5.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.195","versionEndExcluding":"4.4.269"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.195","versionEndExcluding":"4.9.269"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.147","versionEndExcluding":"4.14.233"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.77","versionEndExcluding":"4.19.191"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.4.118"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.10.36"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.11.20"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.12.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"5.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.19"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1d53ca5d131074c925ce38361fb0376d3bf7e394"},{"url":"https://git.kernel.org/stable/c/8b04d57f30caf76649d0567551589af9a66ca9be"},{"url":"https://git.kernel.org/stable/c/90575d1d9311b753cf1718f4ce9061ddda7dfd23"},{"url":"https://git.kernel.org/stable/c/a5b26a2e362f572d87e9fd35435680e557052a17"},{"url":"https://git.kernel.org/stable/c/72814a94c38a33239793f7622cec6ace1e540c4b"},{"url":"https://git.kernel.org/stable/c/62dc2440ebb552aa0d7f635e1697e077d9d21203"},{"url":"https://git.kernel.org/stable/c/f16737caf41fc06cfe6e49048becb09657074d4b"},{"url":"https://git.kernel.org/stable/c/b7a5baaae212a686ceb812c32fceed79c03c0234"},{"url":"https://git.kernel.org/stable/c/e483bb9a991bdae29a0caa4b3a6d002c968f94aa"}],"title":"ACPI: custom_method: fix potential use-after-free issue","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-06-28T17:00:55.492289Z","id":"CVE-2021-46966","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-28T17:01:03.694Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:17:42.993Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/1d53ca5d131074c925ce38361fb0376d3bf7e394","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/8b04d57f30caf76649d0567551589af9a66ca9be","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/90575d1d9311b753cf1718f4ce9061ddda7dfd23","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/a5b26a2e362f572d87e9fd35435680e557052a17","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/72814a94c38a33239793f7622cec6ace1e540c4b","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/62dc2440ebb552aa0d7f635e1697e077d9d21203","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/f16737caf41fc06cfe6e49048becb09657074d4b","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/b7a5baaae212a686ceb812c32fceed79c03c0234","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/e483bb9a991bdae29a0caa4b3a6d002c968f94aa","tags":["x_transferred"]}]}]}}