Vulnerabilities > CVE-2021-36144 - Use After Free vulnerability in Linux Acrn

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
linux
CWE-416

Summary

The polling timer handler in ACRN before 2.5 has a use-after-free for a freed virtio device, related to devicemodel/hw/pci/virtio/*.c.

Common Weakness Enumeration (CWE)