VYPR
High severity7.8NVD Advisory· Published Feb 29, 2024· Updated Jun 17, 2026

CVE-2021-47061

CVE-2021-47061

Description

In the Linux kernel, the following vulnerability has been resolved:

KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU

If allocating a new instance of an I/O bus fails when unregistering a device, wait to destroy the device until after all readers are guaranteed to see the new null bus. Destroying devices before the bus is nullified could lead to use-after-free since readers expect the devices on their reference of the bus to remain valid.

Affected products

93

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.