{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-46979","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-02-27T18:42:55.945Z","datePublished":"2024-02-28T08:13:09.736Z","dateUpdated":"2025-05-04T07:01:38.591Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T07:01:38.591Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: core: fix ioctl handlers removal\n\nCurrently ioctl handlers are removed twice. For the first time during\niio_device_unregister() then later on inside\niio_device_unregister_eventset() and iio_buffers_free_sysfs_and_mask().\nDouble free leads to kernel panic.\n\nFix this by not touching ioctl handlers list directly but rather\nletting code responsible for registration call the matching cleanup\nroutine itself."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/iio/industrialio-core.c"],"versions":[{"version":"8dedcc3eee3aceb37832176f0a1b03d5687acda3","lessThan":"11e1cae5da4096552f7c091476cbadbc0d1817da","status":"affected","versionType":"git"},{"version":"8dedcc3eee3aceb37832176f0a1b03d5687acda3","lessThan":"ab6c935ba3a04317632f3b8b68675bdbaf395303","status":"affected","versionType":"git"},{"version":"8dedcc3eee3aceb37832176f0a1b03d5687acda3","lessThan":"901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/iio/industrialio-core.c"],"versions":[{"version":"5.11","status":"affected"},{"version":"0","lessThan":"5.11","status":"unaffected","versionType":"semver"},{"version":"5.11.22","lessThanOrEqual":"5.11.*","status":"unaffected","versionType":"semver"},{"version":"5.12.5","lessThanOrEqual":"5.12.*","status":"unaffected","versionType":"semver"},{"version":"5.13","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.11.22"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.12.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.13"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da"},{"url":"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303"},{"url":"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a"}],"title":"iio: core: fix ioctl handlers removal","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"title":"CISA ADP Vulnrichment","metrics":[{"other":{"type":"ssvc","content":{"id":"CVE-2021-46979","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"version":"2.0.3","timestamp":"2024-03-05T16:50:41.718465Z"}}}],"providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-06-04T17:13:09.338Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T05:24:38.457Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/11e1cae5da4096552f7c091476cbadbc0d1817da","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/ab6c935ba3a04317632f3b8b68675bdbaf395303","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/901f84de0e16bde10a72d7eb2f2eb73fcde8fa1a","tags":["x_transferred"]}]}]}}