5.5
CVE-2021-47360
- EPSS 0.25%
- Veröffentlicht 21.05.2024 15:15:22
- Zuletzt bearbeitet 12.05.2025 19:54:35
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
binder: make sure fd closes complete
In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BC_FREE_BUFFER processing, the BINDER_TYPE_FDA object cleanup may close 1 or more fds. The close operations are completed using the task work mechanism -- which means the thread needs to return to userspace or the file object may never be dereferenced -- which can lead to hung processes. Force the binder thread back to userspace if an fd is closed during BC_FREE_BUFFER handling.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.0 < 5.4.150
Linux ≫ Linux Kernel Version >= 5.5 < 5.10.70
Linux ≫ Linux Kernel Version >= 5.11 < 5.14.9
Linux ≫ Linux Kernel Version4.20.1
Linux ≫ Linux Kernel Version5.15 Updaterc1
Linux ≫ Linux Kernel Version5.15 Updaterc2
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.16 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-252 Unchecked Return Value
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.
https://git.kernel.org/stable/c/5fdb55c1ac9585eb23bb2541d5819224429e103d
https://git.kernel.org/stable/c/aa2c274c279ff365a06a4cba263f04965895166e
https://git.kernel.org/stable/c/b95483d8d94b41fa31a84c1d86710b7907a37621
https://git.kernel.org/stable/c/d5b0473707fa53b03a5db0256ce62b2874bddbc7