Vulnerabilities > CVE-2021-37159 - Use After Free vulnerability in multiple products

047910
CVSS 6.4 - MEDIUM
Attack vector
PHYSICAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.

Vulnerable Configurations

Part Description Count
OS
Linux
4930
OS
Debian
1
Application
Oracle
3

Common Weakness Enumeration (CWE)