CVE-2021-47653

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 26, 2025

Updated: Feb 27, 2025

CWE ID 416

Summary

CVE-2021-47653 is a vulnerability affecting the Linux kernel's Media Drivers, specifically the davinci:vpif driver. This issue arises due to a failure to deregister two platform device structures during driver unbind. As a result, a use-after-free condition occurs, allowing malicious actors to manipulate the system's resources. The vulnerability is resolved by adding the necessary deregistration calls to the remove() callback and failing probe on registration errors. Proper release callbacks should be used to prevent the leaking of associated resources.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Linux Kernel

Affected Vendors

LINUX

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3uroXn
https://www.cve.org/CVERecord?id=CVE-2021-47653
https://nvd.nist.gov/vuln/detail/CVE-2021-47653

Back to Vulnerability Database