retired/CVE-2021-46959


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

Description: spi: Fix use-after-free with devm_spi_alloc_*
References:
Notes:
 carnil> Introduced in 5e844cc37a5c ("spi: Introduce device-managed SPI controller
 carnil> allocation"). Vulnerable versions: 4.4.248 4.9.248 4.14.212 4.19.163 5.4.80
 carnil> 5.9.11 5.10-rc5.
Bugs:
upstream: released (5.13-rc1) [794aaf01444d4e765e2b067cba01cc69c1c68ed9]
6.7-upstream-stable: N/A "Fixed before branching point"
6.6-upstream-stable: N/A "Fixed before branching point"
6.1-upstream-stable: N/A "Fixed before branching point"
5.10-upstream-stable: released (5.10.37) [c7fabe372a9031acd00498bc718ce27c253abfd1]
4.19-upstream-stable: released (4.19.191) [28a5529068c51cdf0295ab1e11a99a3a909a03e4]
sid: released (5.10.38-1)
6.1-bookworm-security: N/A "Fixed before branching point"
5.10-bullseye-security: N/A "Fixed before branching point"
4.19-buster-security: released (4.19.194-1)